I have DLL added to image execution control and set it to aggressive. To prevent too many pop-ups I have a global defence+ rull that allows all programs under c:\program files and c:\windows to run all dlls under c:\program files and c:\windows. This gives very few pop-ups but I still get a pop-up for a dll or program in an unusual place. I have file groups “safe applications” and “safe dlls” to make this rule. If you run as a limited user malware cannot be saved to windows or programs files and it is very safe. I have similar rules for exes.