Location:
State:
Carrier
Country
Status

semav6msr64.sys - What installed it & how to remove it


Just checking my installed drivers, I found the driver semav6msr64.syslisted in Autoruns? Looking at file properties gives no clue what it is for. What is the purpose of this driver and can I remove it?

Also, there are various driver entries by Mellanox e.g. winmad.sys, winverbs.sys, ibbus.sys, mlx4_bus.sys, ndfltr.sys,. These relate to Open Fabric Windows. What are these drivers and do I need them?

semav6msr64.sys Windows process - What is it?
Malware scan of winmad.sys (OpenFabrics Windows) bf55b54e91ef6a6df1b05037fee24c962eef97fa - Reason Core Security Labs
Malware scan of winverbs.sys (OpenFabrics Windows) 368f3dd3b9a323891a7af395c28ca42e3f33a45b - Reason Core Security Labs
Malware scan of ibbus.sys (OpenFabrics Windows) e16f071eade6475d38384dbdf42ac017e6104f49 - Reason Core Security Labs

A good way to find what drivers are is to look at carrona.orgdriver reference table.

Take the driver you are interested in and search in this format replacing the driver name as appropriate:

http://www.carrona.org/drivers/driver.php?id=semav6msr64.sys

In the first case Driver Reference Table - semav6msr64.sys indicates it comes from SEMA Software who appear to make some CAD software for modeling timber buildings - .

Normally you are better off uninstalling the software than removing the driver which can cause unpredictable results.

I find I get a different driver listing in Autoruns if I tick the boxes "Verify Code signatures" and "Check VirusTotal.com". I get many fewer drivers listed with these boxes ticked - I don't know why. What causes drivers to be listed in Autoruns under these options and how do you tell if they are active/loaded? It's very difficult to locate the programs which installed various drivers.

I noticed semav6msr64.syson my system earlier today (also via Autoruns), and eventually tracked down the program which installed it - you heard it here first! It's an Intel file, and just coincidence that SEMA Software authored a driver file with the same name.

On my system the driver was installed by the Intel Driver Update Utility Installer, which I'd installed to update my Intel drivers. Uninstalling this program after use doesn't uninstall semav6msr64.sys,presumably due either to a bug in the uninstaller or to laziness of the development team who wrote it. I don't like leaving software package remnants on my system for no good reason, so removed it as follows:

  1. Create a System Restore Point in case the following steps cause any problems.
  2. Uninstall Intel Driver Update Utility Installer, if it appears in the installed programs list in Control Panel.
  3. Rename semav6msr64.systo semav6msr64.sys.bk[to be deleted sometime later if no problems are encountered].
  4. If, and only if, you're comfortable editing the registry, delete the following keys (otherwise just leave them, they'll have negligible effect):

HKEY_LOCAL_MACHINESYSTEMCurrentControlSetEnumRootLEGACY_SEMAV6MSR64
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetservicessemav6msr64

I noticed semav6msr64.syson my system earlier today (also via Autoruns), and eventually tracked down the program which installed it - you heard it here first! It's an Intel file, and just coincidence that SEMA Software authored a driver file with the same name.

On my system the driver was installed by the Intel Driver Update Utility Installer, which I'd installed to update my Intel drivers. Uninstalling this program after use doesn't uninstall semav6msr64.sys,presumably due either to a bug in the uninstaller or to laziness of the development team who wrote it. I don't like leaving software package remnants on my system for no good reason, so removed it as follows:

  1. Create a System Restore Point in case the following steps cause any problems.
  2. Uninstall Intel Driver Update Utility Installer, if it appears in the installed programs list in Control Panel.
  3. Rename semav6msr64.systo semav6msr64.sys.bk[to be deleted sometime later if no problems are encountered].
  4. If, and only if, you're comfortable editing the registry, delete the following keys (otherwise just leave them, they'll have negligible effect):

HKEY_LOCAL_MACHINESYSTEMCurrentControlSetEnumRootLEGACY_SEMAV6MSR64
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetservicessemav6msr64
Thanks - as I further check, I first disabled semav6msr64.sys using Autoruns then rebooted. I didn't have the first registry key but deleted the second and deleted the driver file. I now have no trace of semav6msr64.sys.

Just another reason to use 3rd party uninstallers like Revo that gets rid of everything program's own uninstaller leaves, files and/or registry entries.
There may be some sloppy programing or intentional leftovers.

semav6msr64.sys - What installed it & how to remove it