The risk that is left un-mitigated are exploits that launch payloads in RAM. An anti-malware can catch known malware Files. An anti-exe will cover the rest of the unknown malware Files. And OSArmor can catch some script based attacks. But hackers know the in's and out's of those also. Remote control tools are deliberately not covered by anti-malware because they have legitimate uses. You could legitimately want to access and control your PC from a coffee shop. Exploits attacks security coding flaws, and nothing can stop those because only hackers know of the flaws, and they are not about to file a CVE. After the exploit works by launching the hacker's inserted code, and then they bring over a remote control tool to RAM, and it runs by just adding a jump instruction to the payload code. Most hackers are nosy, they want to watch what you do, then reconfigure your system to their comfort so they can gain persistence if you reboot. And none of your above tools will be the wiser.
If you leave your system with the default firewall rules as provided by MS, you will get hacked, just a matter of time. If the stupid hacker is foolish enough to use malware, then maybe you will get lucky and your anti-malware will catch it. But then, most experienced hackers tests their 'malware' against common AV's and make sure they are not detectable.
A possible defense is to maintain a snap shot of all the startup points in Windows, and watch for changes. If an entry was made in the registry to launch some program, you want to be the first to know about it.
Event Viewer is your friend - searching for Event ID 1000 and 1001 will reveal which program crashed or hung; a common indication that an exploit was launched against that program. You can specify a custom view for those two.
Other baselines are also possible. For example, driverquery is a command line tool that lists all your drivers. And some hacker tools are drivers, not exe's. So you save yourself a list and compare regularly.
Regular monitoring is something that is not publicized and is an essential 'tool'. It is laborious, not sexy like AI tech, and quite boring to execute. But organizations which are serious about it have SIEM panels, that monitor for abnormal events. A new auto-run program, an after midnight network connection, etc. "Know what is normal, and check out the rest."
Blue Team Handbook: Incident Response Edition: A condensed field guide for the Cyber Security Incident Responder.: Don Murdoch GSE: 8601411308048: Books - Amazon.ca
And a tool you omitted is backup. Preferably a disk image which you can restore your system to in just a few minutes. A drive C with just security tools should only occupy around 10 GBs. And you can store a few versions on a USB memory stick. Macrium Reflect Free is the one I use. And when I don't feel like hunting down the intruder, I just restore a drive image. But that leaves the vulnerability un-addressed.
