How to detect and remove a Remote Administration Tool (RAT) like DarkComet

In our previous post on DarkComet we explained that DarkComet is a very popular tool among hackers and cybercriminals, so there is a real chance that you or your relatives will come into contact with the DarkComet Remote Administration Tool or another malicious RAT.

There are also some genuine RATs available on the internet; a very famous one is the LogMeIn service, which is actually a Remote Administration Tool.

This might sound crazy

This might sound crazy, but I strongly urge you to install an antivirus if you are trying to identify and remove malware on your device. The reason is that an antivirus will not only remove the malware from your computer in the right order, it will also prevent any data leakage.

But let’s imagine for a second that your antivirus is unable to identify the DarkComet RAT.

Disconnect the Remote Administration Tool

The first thing we will do is disconnect the device from the internet. This guarantees that the cybercriminal or hacker will not be able to perform further actions to stop us from removing the malware from the infected device.

Netstat -a

The next step is to run the “NETSTAT -a” command in a “CMD Window”. You can open the “CMD Window” by going to the search option of your device and typing “CMD”. Once you see “Command prompt”, click on it and the “CMD Window” will open.
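To make the netstat listing easier to read, the following added example (not part of the original post) parses saved output and pulls out the TCP ports that are listening on a network-reachable address and the established connections to addresses outside the local network. It assumes the output was captured with the -n and -o switches added ("netstat -ano") so that addresses are numeric and the owning PID is shown; the sample text and all function names are constructed for illustration.

```python
import ipaddress
from collections import namedtuple
Conn = namedtuple("Conn", "local remote state pid")

# RFC 1918, link-local, unique-local and unspecified ranges: not internet peers.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "169.254.0.0/16",
    "0.0.0.0/32", "fe80::/10", "fc00::/7", "::/128")]

# Constructed sample of `netstat -ano` output (not captured from a real host).
SAMPLE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       912
  TCP    0.0.0.0:49731          0.0.0.0:0              LISTENING       4312
  TCP    127.0.0.1:5354         0.0.0.0:0              LISTENING       2040
  TCP    192.168.1.20:49802     203.0.113.45:8080      ESTABLISHED     4312
  TCP    192.168.1.20:49810     192.168.1.1:445        ESTABLISHED     4
  TCP    [::]:135               [::]:0                 LISTENING       912
  UDP    0.0.0.0:5353           *:*                                    2040
"""

def host_of(endpoint):
    """Return the host part of 'host:port' or '[v6%zone]:port'."""
    return endpoint.rpartition(":")[0].strip("[]").split("%")[0]

def classify(host):
    """Return 'loopback', 'local' or 'external' for a netstat host field."""
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return "external"  # a name (output taken without -n): review by hand
    if ip.is_loopback:
        return "loopback"
    return "local" if any(ip in net for net in LOCAL_NETS) else "external"

def parse_netstat(text):
    """Parse TCP rows; the PID column is absent when -o was not used."""
    rows = (line.split() for line in text.splitlines())
    return [Conn(f[1], f[2], f[3], int(f[4]) if len(f) > 4 and f[4].isdigit() else None)
            for f in rows if len(f) >= 4 and f[0] == "TCP"]

def triage(conns):
    """Return (listeners reachable from the network, established external peers)."""
    listening = [c for c in conns if c.state == "LISTENING"
                 and classify(host_of(c.local)) != "loopback"]
    external = [c for c in conns if c.state == "ESTABLISHED"
                and classify(host_of(c.remote)) == "external"]
    return listening, external

if __name__ == "__main__":
    print(triage(parse_netstat(SAMPLE)))
```

A PID that appears in both lists (4312 in the constructed sample) is the first process to look up in Task Manager.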