It's amazingly easy to get around such things. Eventually I'll write up a blog post on how I've gone about it, and potential future ways of doing it.
For the record, monitoring DLL loads is silly, because well, it only monitors DLL loads. If you load the DLL into memory yourself (essentially replicating the standard functionality), it's a non-issue, and that's not terribly hard.
Yes, DEP doesn't come into play if you properly set the protection on your code pages. The DLL specifies the protection for each section of the file, so that much is easy.
For the record, monitoring DLL loads is silly, because well, it only monitors DLL loads. If you load the DLL into memory yourself (essentially replicating the standard functionality), it's a non-issue, and that's not terribly hard.