Service Discovery: add option "do only remove UNKN services" and add Thresholds for Privileged CPU usage in Windows

i’d like to have an additional option for autodiscovery which only removes services that go UNKN, like f.ex. removed filesystems and exclude services that go stale.
Reason: last October we managed to use Checkmk to prove a memory leak in latest McAfee agent for Windows.
This leak caused the agent using more and more CPU, which Checkmk showed as “Privileged” (the orange graph part) but were invisible in the system itself. At one point this was so much (not the total usage which was not higher than 60%) that the whole WMI subsystem got affected and nearly every check (except filesystem) vanished. Since we have a constant server migration going on (machine replacements with same name/ip) the Discovery Rules define that for all Windows hosts services are added/removed automatically. But since WMI did not work properly the rule removed all services which simply could not answer due to WMI high load and went stale.
Also defining thresholds for this “privileged” would be a thing because we saw it only by “accident” because thresholds are only for “Total” which was not affected…