Ability to detect DLLs when Image Execution Control Level is set to Normal

Please consider changing CIS so that DLLs are detected when Image Execution Control Level is set to Normal, and Files to Check includes entry *.dll. Currently, DLLs can only be detected when Image Execution Control Level is set to Aggressive, which seems to sometimes result in detection of DLLs that aren’t involved in execution. Additionally, if Files to Check includes entry *.dll, DLLs of any extension should be detected, not just those with extension .DLL.

We’ve seen recent Windows vulnerabilities where this capability would have been useful. Two of these are https://forums.comodo.com/virusmalware-removal-assistance/rootkittmphider-t59193.0.html and Zero-day Windows bug problem worse than first thought, says expert | Computerworld.

Some would probably object to detecting DLLs due to a belief that too many Defense+ alerts would be generated. In fact, this doesn’t have to be the case if one is using CIS as an anti-executable in an account with limited privileges - as described at https://forums.comodo.com/guides-cis/using-comodo-internet-security-as-an-antiexecutable-t60303.0.html.

Yes, this feature is a must. But there must be some sort of white-listing for dlls or some other way to reduce the no of pop ups about legit dll loading. May be a scan of the C drive and trust already present dlls on C drive or a white listing date base.