It’s something you encounter regularly on Windows: you can’t access a file because it is in use by another process.
I wanted to look at a malware sample with my zipdump.py tool, and got this result:
Maybe that sample is locked by an AV program or so, I thought, so I used Process Explorer to find open handles to this sample file.
And I found no open handles …
Then it dawned on me: “The process cannot access the file because it is being used by another process.” …
That is not a message I coded in my zipdump.py tool …
So it’s not the sample file that can’t be opened, it’s zipdump.py!
I searched again with Process Explorer, this time for open handles to zipdump, and indeed: the file was open in a comparison program. I closed it, and then I could run the command.
Didier Stevens
Senior handler
Microsoft MVP
blog.DidierStevens.com
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
