RemoteProcessOperations
Most remote process operations were not implemented in Wine until early 2007. This includes CreateRemoteThread/RtlCreateUserThread and the Virtual*Ex/Nt*VirtualMemory (e.g. VirtualAllocEx/NtAllocateVirtualMemory and VirtualQueryEx/NtQueryVirtualMemory) functions.
A patch implementing these was posted by Thomas Kho on 18 August 2006; see http://winehq.org/pipermail/wine-patches/2006-August/date.html#29894 Alexandre later rewrote this himself and merged it as of wine-0.9.30 or so.
Users
Who uses these APIs?
VirtualAllocEx is needed if you want to retrieve text from windows controls like ListView from another process; see Win32::GuiTest doc. AutoHotkey also uses VirtualAllocEx to retrieve ListView contents.
Stefan Siebert mentioned that VirtualQueryEx is necessary for Lotus Notes Software Diagnostics
Reverse Engineering and Program Understanding mentions that VirtualQueryEx, VirtualProcessMemory, ReadMemoryEx, and WriteProcessMemory are used by debuggers. For instance, by windbg and ollydbg.
MikeHearn mentioned that Armadillo copy protection requires SetThreadContext/GetThreadContext. (These are probably ok as of 11 Jan 2006.)
TODO
Windows maps kernel32 and ntdll to the same location in each process; this makes it possible to call library functions with CreateRemoteThread. Unfortunately, this is only sometimes the case for Wine. Please see this wine-devel thread for a discussion.
Relevant wine-devel Threads
ntdll: CreateRemoteThread and friends for remote processes, take 3, via APCs (August 2006)
ntdll: CreateRemoteThread and RtlCreateUserThread for remote processes, take 2 (August 2006)
ntdll: enable CreateRemoteThread and RtlCreateUserThread for remote processes (July 2006)
ntdll: a simple implementation of cross-process NtAllocateVirtualMemory (June 2006)
Support remote operations in wineserver (September 2004)
CreateRemoteThread and related stuff (patch) (August 2004)
Unhandled API Call to Kernel32 Question (May 2004)