且构网

How to inject a DLL into another program

Updated: 2022-12-10 17:04:19

How about CreateRemoteThread? Here is the code:
```cpp
// Assumed from the surrounding code (not shown in the answer): hProcess is an
// open handle to the target process and szLibPath already holds the
// NUL-terminated path of the DLL to load.
HANDLE hThread;
char szLibPath[_MAX_PATH];
void* pLibRemote;
DWORD hLibModule;   // receives the thread exit code, i.e. LoadLibraryA's HMODULE (fits only on 32-bit)
HMODULE hKernel32 = ::GetModuleHandle("Kernel32");

// Allocate a buffer in the target process and copy the DLL path into it.
pLibRemote = ::VirtualAllocEx( hProcess, NULL, sizeof(szLibPath),
                               MEM_COMMIT, PAGE_READWRITE );
::WriteProcessMemory( hProcess, pLibRemote, (void*)szLibPath,
                      sizeof(szLibPath), NULL );

// Start a thread in the target whose entry point is kernel32!LoadLibraryA and
// whose single argument is the remote path buffer. The thread's exit code is
// the module handle LoadLibraryA returned.
hThread = ::CreateRemoteThread( hProcess, NULL, 0,
                                (LPTHREAD_START_ROUTINE) ::GetProcAddress( hKernel32, "LoadLibraryA" ),
                                pLibRemote, 0, NULL );
::WaitForSingleObject( hThread, INFINITE );
::GetExitCodeThread( hThread, &hLibModule );
::CloseHandle( hThread );
// MEM_RELEASE requires dwSize == 0; the original passed sizeof(szLibPath), which makes the call fail.
::VirtualFreeEx( hProcess, pLibRemote, 0, MEM_RELEASE );

// Unload the module again the same way, via kernel32!FreeLibrary.
hThread = ::CreateRemoteThread( hProcess, NULL, 0,
                                (LPTHREAD_START_ROUTINE) ::GetProcAddress( hKernel32, "FreeLibrary" ),
                                (void*)hLibModule, 0, NULL );
::WaitForSingleObject( hThread, INFINITE );
::CloseHandle( hThread );
```
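The technique above leaves a very recognisable trace: a thread created in a foreign process whose start address is an export of kernel32 (LoadLibraryA, then FreeLibrary). Sysmon records exactly that as Event ID 8 (CreateRemoteThread), with SourceImage, TargetImage, StartModule and StartFunction fields. The following detector is an added example, not code from the answer or the page; it assumes a constructed pipe-separated key=value flattening of those fields (real forwarders use their own layout, so only the field names are Sysmon's) and flags remote threads that start at a LoadLibrary* or FreeLibrary export, grouping them by source/target pair so the load/unload sequence of this injector shows up together.

```python
import re
from typing import Dict, List, Optional, Tuple

# Sysmon Event ID 8 = CreateRemoteThread.
REMOTE_THREAD_EVENT_ID = "8"

# Thread start functions that load a module into the target process.
LOADER_FUNCTIONS = re.compile(r"^LoadLibrary(Ex)?[AW]$", re.IGNORECASE)
# Modules in which those exports legitimately live.
LOADER_MODULES = {"kernel32.dll", "kernelbase.dll"}

# Constructed sample log lines (not real telemetry): a pipe-separated
# key=value flattening of the Sysmon event data block.
SAMPLE_EVENTS = [
    # Injector loading a DLL into notepad via kernel32!LoadLibraryA.
    "EventID=8|SourceImage=C:\\Users\\alice\\tools\\injector.exe"
    "|TargetImage=C:\\Windows\\System32\\notepad.exe"
    "|StartAddress=0x00007FFB1C4E0F40|StartModule=C:\\Windows\\System32\\KERNEL32.DLL"
    "|StartFunction=LoadLibraryA",
    # Same injector unloading it again via kernel32!FreeLibrary.
    "EventID=8|SourceImage=C:\\Users\\alice\\tools\\injector.exe"
    "|TargetImage=C:\\Windows\\System32\\notepad.exe"
    "|StartAddress=0x00007FFB1C4E21A0|StartModule=C:\\Windows\\System32\\KERNEL32.DLL"
    "|StartFunction=FreeLibrary",
    # A debugger break-in thread: remote, but not a loader call.
    "EventID=8|SourceImage=C:\\Program Files\\Debugger\\dbg.exe"
    "|TargetImage=C:\\Windows\\System32\\notepad.exe"
    "|StartAddress=0x00007FFB1D001000|StartModule=C:\\Windows\\System32\\ntdll.dll"
    "|StartFunction=DbgUiRemoteBreakin",
    # Unrelated event type, must be ignored.
    "EventID=1|Image=C:\\Windows\\System32\\cmd.exe|CommandLine=cmd.exe /c dir",
]


def parse_event(line: str) -> Dict[str, str]:
    """Split 'k=v|k=v' into a dict; values may contain '=' but not '|'."""
    fields: Dict[str, str] = {}
    for part in line.split("|"):
        key, sep, value = part.partition("=")
        if sep:
            fields[key.strip()] = value.strip()
    return fields


def basename(path: str) -> str:
    """Case-folded file name of a Windows (or forward-slash) path."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def classify_remote_thread(evt: Dict[str, str]) -> Optional[str]:
    """Return a verdict for an Event 8 record, or None if it is not one."""
    if evt.get("EventID") != REMOTE_THREAD_EVENT_ID:
        return None
    source, target = evt.get("SourceImage", ""), evt.get("TargetImage", "")
    # Defensive: a thread a process starts in itself is not remote.
    if not source or not target or source.lower() == target.lower():
        return None
    func = evt.get("StartFunction", "")
    module = basename(evt.get("StartModule", ""))
    if module in LOADER_MODULES and LOADER_FUNCTIONS.match(func):
        return "dll-injection:loadlibrary"
    if module in LOADER_MODULES and func.lower() == "freelibrary":
        return "dll-injection:freelibrary"
    return "remote-thread:other"


def find_injection_candidates(lines: List[str]) -> List[Dict[str, str]]:
    """Keep only remote threads that start at a loader export."""
    hits = []
    for line in lines:
        evt = parse_event(line)
        verdict = classify_remote_thread(evt)
        if verdict and verdict.startswith("dll-injection"):
            hits.append({"source": evt["SourceImage"], "target": evt["TargetImage"],
                         "function": evt["StartFunction"], "verdict": verdict})
    return hits


def pair_summary(hits: List[Dict[str, str]]) -> Dict[Tuple[str, str], List[str]]:
    """Group hits by (source, target) so a load followed by an unload from the
    same injector into the same victim is reported as one incident."""
    summary: Dict[Tuple[str, str], List[str]] = {}
    for h in hits:
        summary.setdefault((h["source"], h["target"]), []).append(h["function"])
    return {k: sorted(v) for k, v in summary.items()}


if __name__ == "__main__":
    for pair, funcs in pair_summary(find_injection_candidates(SAMPLE_EVENTS)).items():
        print(f"{pair[0]} -> {pair[1]}: {', '.join(funcs)}")
```

Debuggers, some installers and security products also create remote threads, so in production the source image of known tooling is allow-listed and the verdict is raised in severity when the same pair shows both a LoadLibrary* and a FreeLibrary thread, as the answer's code produces.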


You cannot "inject" a DLL into an existing program. The executable code has to make a call out to the DLL. You could (possibly) replace a Windows DLL with your own version which offers modified functionality, but it would not be a trivial task.