March 24, 2020
Above snippet demonstrate how to enumerate files openned by running programs on Windows.
Some file unlocker use that technique to find where a specific file is attached and then force processes using that file to release it handle (via code injection techniques). I will write an example in a future snippet thread.
Notice: At the bottom of that page, you will see a concreate example about how to use that unit.
March 12, 2020
You will find below an example of how to enumerate process modules using the well known Windows API CreateToolHelp32Snapshot(), I will cover additional methods soon.
You may notice that when using CreateToolHelp32Snapshot(), first result (row) is generally the Image Path of the process owning module. I ignore that row by checking the value of szExePath with owner process image path.
GetProcessName() is compatible since Windows Vista. It is possible to support Windows XP and below but not in this example.