How much can one gain with "Digital Man" carrying a HIPS on his back? I don't see the benefit/hassle ratio as being worth it. NoD32 doesn't miss enough to justify a HIPS iMo.
I have Threatfire, and honestly, beside the very quick download and installation procedure, there's no other hassle involved. The program is quiet and light. NOD32 may not miss enough, but if you get infected by the one virus it missed, then the statistics lose their meaning. Same applies to any security solution. And by the way, Threatfire doesn't allow its processes/services to be terminated, nor its files to be renamed.
I used Threatfire and it played nice with ESS. While it had a fairly small RAM footprint, it would consistently spike CPU usage 23 - 26% every 10 seconds or so. Consequently, it noticably slowed my system. Now I use Prevx2, which is greatly improved over the earlier version, and when not scanning, which it only does on boot for active processes, it has a RAM footprint similar to Threatfire, yet uses far less CPU cycles and has far less system impact. I like the fact that it in "Expert" mode you have greater control over outbound connections than you do with ESS in interactive mode. Prevx checks all unknown or suspicious files in real time with a huge active community and that explains why they are often the first to detect bots and other malware. Support is fantastic, most often replying within the same day. They do recommend that it should be used with a signature based product and a firewall, but many use it as their only antimalware/antivirus product. I've been a user since 2004.
I use ThreatFire but it spikes CPU usage by 50% every 10 seconds, not 25%. At the same time, CPU usage is so low even with email and Web browser open (10%) that I do not sense it slowing down my system.
I've been using System Safety Monitor alongside ESS for about a month now and from what I can see, they are working perfectly together. I haven't noticed any spikes on resources (CPU, RAM) and performance seems to be pretty good.
