kareemsamir
3 months agoNew Member
Rainst.exe registry modification
We have observed that the LMIRfsClientNP service was disabled due to a registry modification performed by the process Rainst.exe. Our SIEM solution has alerted us to this activity.
Questions:
- Is this a normal behavior for the Rainst.exe application?
- If so, what is the rationale behind disabling the LMIRfsClientNP service?