Do you know that if you run ReHIPS, then another security soft's protections might not function inside the ReHIPS isolated environment - but instead only in the real user profile (real desktop) ?
Easy test -- download known malware to isolated environment, if it is not detected or blocked by other security soft inside the isolated environment then it doesn't function.
You only need other security softs with ReHIPS if you are actively using the real desktop to download and open files. If that is the case, then that defeats the whole purpose of using ReHIPS in the first place. Run unknown\untrusted files inside the isolated environment and it is the isolated environment that will be infected - and not your system. Same principle applies to Sandboxie, Shadow Defender, HDS Rx products, etc.
Of the two that you mention, Webroot has the benefit of adding some network protections plus it is incredibly light. But it isn't needed for a home system; it is needed if you use public wifi. It's privacy protections do not work inside the isolated environment - but aren't needed any way - since if you use ReHIPS as recommended you have launched applications in completely different isolated environments - thereby disallowing any inter-program tampering to include keylogging\data theft. Likewise, Webroot isn't going to rollback anything executed inside the ReHIPS isolated environment.
I haven't tested Zemana with ReHIPS. So I can't comment on how the combo works.
Exploit protection is overkill if you keep your currently installed softs up-to-date. I suppose if you use the most widely exploited softs - like java, flash, etc - then it does add a just-in-case layer of protection - that you should be aware might or might not prevent a true zero-day.
Before I am accused of being off-topic and de-railing your comparison thread:
Webroot
- Incredibly light
- Proven to work well as a separate protection for real desktop along-side ReHIPS