I've started a bit of windows programming and I stumbled upon this function, but I cant see how this can be used in a program. But moreover, I don't really understand what it is supposed to do... I've looked over here: http://msdn.microsoft.com/en-us/library/windows/desktop/aa366907(v=vs.85).aspx. It says that it retrieves info from another process, so I'm guessing it can look at some variables in another program???

Hi,

VirtualQueryEx() function can be used in multiple ways in real-time scenarios for example to read memory of other process because they want to see if a process is a Malware process next it can be used to find out about memory which can help as a Anti-Reversing technique for example if a Process created a Remote Thread in our process we can terminate the thread and then explore the process which created thread in our process in order to explore why it tried doing that and what was its plan.

I don't really understand what it is supposed to do...

As SpaceWorm has already said, it allows one process to read another process's memory (when it has the required access rights.)

so I'm guessing it can look at some variables in another program???

Yes, if you know where they're located in memory (VirtualQueryEx only know about bytes.)

What is the use o VirtualQueryEx()?

It's legitimate uses are predominantly diagnostic. The function is used by debuggers and virus checkers to determine what's going on in an application's address space.

Andy

Oh I see. thanks.