I hope this question isn't in violation of this forum's rules because I really need it answered. I understand that a RAT (Remote Access Trojan) can give a hacker total access/control over a person's computer. I assume that the hacker can, after his/her dirty deed(s) uninstall the RAT. My question is: Is it possible to detect that the RAT was installed then removed and are there telltale remnants left in the registry or in the system files or somewhere else?