What is the DLL injection method for deleting EVT logs on Windows XP and how does it differ from newer systems?
On Windows XP, you inject a DLL into the event log process using CreateRemoteThread, because NtCreateThreadEx + LdrLoadDll is not available there. Once injected, the DLL obtains the handle of the log file, maps it with CreateFileMapping and MapViewOfFile, modifies the mapped memory to remove the target records, and then calls FlushViewOfFile to write the change back to disk. This is the same idea as the EVTX injection approach described in Windows XML Event Log (EVTX) Single Log Entry Deletion (Part 4), adapted for XP's threading limitations (CreateRemoteThread instead of NtCreateThreadEx).
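From the forensic side, the trace such an in-place deletion leaves in a classic .evt file is a hole in the otherwise sequential record numbers and a record count that no longer matches the file header. The following is an added example, not code from the page or from the referenced article: a small parser for the XP/2003 EVT format that walks the records and reports gaps and header/count mismatches. The file fixtures are constructed inline (a five-record log, and the same log with record 3 removed while the header still claims five records). It assumes the deletion did not renumber the surviving records; a deletion that also renumbers them and rewrites the header would not be caught by this check.

```python
"""
Walk a Windows XP/2003 .evt file and report gaps in the record-number
sequence plus disagreement between the header and the records present.
Example code added to this page; the fixtures below are constructed.
"""
import struct

EVT_SIG = b"LfLe"
HEADER_SIZE = 48       # fixed EVT file header (12 DWORD fields)
REC_HDR_SIZE = 56      # fixed part of every EVT record header
HEADER_FMT = "<I4sIIIIIIIIII"


def build_record(record_number, event_id, source="Security", computer="XPBOX"):
    """Construct a minimal EVT record: fixed header, source and computer
    name as UTF-16LE null-terminated strings, padding to 4 bytes, and the
    trailing copy of the record size. No SID, strings or data. Fixture only."""
    names = (source + "\0" + computer + "\0").encode("utf-16-le")
    body_len = REC_HDR_SIZE + len(names)
    pad = (-body_len) % 4
    size = body_len + pad + 4
    hdr = struct.pack(
        "<I4sIIIIHHHHIIIIII",
        size, EVT_SIG, record_number,
        0x4B000000, 0x4B000000,      # TimeGenerated / TimeWritten (constructed)
        event_id,
        4,                           # EventType: EVENTLOG_INFORMATION_TYPE
        0, 0, 0,                     # NumStrings, EventCategory, ReservedFlags
        record_number,               # ClosingRecordNumber
        body_len + pad,              # StringOffset (no strings)
        0, body_len + pad,           # UserSidLength / UserSidOffset
        0, body_len + pad,           # DataLength / DataOffset
    )
    return hdr + names + b"\0" * pad + struct.pack("<I", size)


def build_evt(record_numbers, next_record=None):
    """Assemble header + records + EOF record. next_record lets the header
    claim a record count that differs from the records actually present."""
    records = b"".join(build_record(n, 528) for n in record_numbers)
    oldest = record_numbers[0]
    current = next_record if next_record is not None else record_numbers[-1] + 1
    end = HEADER_SIZE + len(records)
    header = struct.pack(HEADER_FMT, HEADER_SIZE, EVT_SIG, 1, 1,
                         HEADER_SIZE, end, current, oldest, 0x80000, 0, 0, HEADER_SIZE)
    eof = struct.pack("<IIIIIIIIII", 0x28, 0x11111111, 0x22222222, 0x33333333,
                      0x44444444, HEADER_SIZE, end, current, oldest, 0x28)
    return header + records + eof


def parse_records(data):
    """Return (offset, record_number, event_id, trailer_ok) for each record,
    walking sequentially from the end of the header to the EOF record."""
    out, off = [], HEADER_SIZE
    while off + 8 <= len(data):
        size, sig = struct.unpack_from("<I4s", data, off)
        if sig != EVT_SIG or size < REC_HDR_SIZE or off + size > len(data):
            break                                   # EOF record, slack or damage
        rec_no, = struct.unpack_from("<I", data, off + 8)
        event_id, = struct.unpack_from("<I", data, off + 20)
        trailer, = struct.unpack_from("<I", data, off + size - 4)
        out.append((off, rec_no, event_id, trailer == size))
        off += size
    return out


def find_gaps(data):
    """Compare the record-number sequence with itself and with the header.
    The header's CurrentRecordNumber is the next number to be written and
    OldestRecordNumber the first one present, so their difference is the
    number of records the file should contain."""
    hdr = struct.unpack_from(HEADER_FMT, data, 0)
    if hdr[1] != EVT_SIG:
        raise ValueError("not an EVT file")
    current, oldest = hdr[6], hdr[7]
    recs = parse_records(data)
    numbers = [r[1] for r in recs]
    gaps = [(a, b) for a, b in zip(numbers, numbers[1:]) if b != a + 1]
    return {
        "records": len(numbers),
        "expected": current - oldest,
        "gaps": gaps,
        "bad_trailers": [r[1] for r in recs if not r[3]],
    }


if __name__ == "__main__":
    intact = build_evt([1, 2, 3, 4, 5])
    tampered = build_evt([1, 2, 4, 5], next_record=6)   # record 3 removed in place
    print("intact:  ", find_gaps(intact))
    print("tampered:", find_gaps(tampered))
```

On a real file, read it with `open(path, "rb").read()` and pass the bytes to `find_gaps`; a non-empty `gaps` list or a `records` value below `expected` is the signal worth escalating, while `bad_trailers` flags records whose leading and trailing size fields disagree, which a partial or interrupted rewrite can leave behind.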
Tags: DLL injection, CreateRemoteThread, NtCreateThreadEx, Windows XP, EVT log deletion, file mapping