The files with reserved names can be created using a path specified by using ‘\\.\’ notation e.g. ‘\\.\c:\riddle\con’. You can read more here.
Author Archives: adam
Forensic Riddle #5
Normally it is impossible to create files with names reserved for old DOS device drivers e.g. ‘con’, ‘lpt1’, ‘lpt2’, etc., yet some malware still manages to create them.
How?
Answer here