CyberArk is not consumer software. If it appears outside a work context, run antivirus scans immediately. Quick Summary Table: | Condition | Verdict | |---------------|--------------| | Path: C:\Program Files\CyberArk\... + Signed by CyberArk | ✅ Safe | | Path: C:\Windows or Temp + No signature | 🚨 Malware | | CPU 0-2% idle + owned by IT-managed PC | ✅ Safe | | 100% CPU + unknown publisher + spawns PowerShell | 🚨 Malware | | You work at a large enterprise with compliance needs | ✅ Expected process |
If you are unsure, engage your security team or run an offline malware scan. psminitsessionexe is not a native Windows component – it was placed there intentionally, either by your security team or by an adversary. Know which one applies to you. Last updated: October 2025. Information based on CyberArk versions 11.x to 14.x and Windows 10/11. psminitsessionexe
If you see it in your Task Manager, your IT department likely pushed the CyberArk Agent to your laptop as part of a zero-trust or endpoint privilege management policy. Scenario C: Legacy or Development Environment Some developers use CyberArk’s SDK or test PSM connectors in non-production labs. The process might linger even after uninstalling other components. 3. File Location & Legitimacy Check One of the most reliable ways to tell if psminitsessionexe is legitimate is by its file path. CyberArk is not consumer software