Don’t you just hate it when you’re perusing sys32 and come across items that have little attribution and even less authoritative information Online?  Me “combing over” sys32 seems to be a nasty little habit in my spare time that is on the rise, lol.  Maybe it’s the times?

Anyhow, from what I have been able to gather is that d3d9caps.dat is part of Microsoft Direct 3D, and applications that are dependent upon it, need it to function properly.  All’s well that ends well, right?  WRONG.  Then I’m hearing banter that d3d9caps.dat is actually a malicious trojan.  Who to believe, who to believe?  Well, on an independent system, this item seemed to be modified after a certain domain was visited.  I definitely did not like that.  Subsequently, I deleted d3d9caps.dat (part of my dog-bomb style approach to threat remediation, lol) and did NOT notice any adverse repercussions moving forward. My final conclusion is that while not necessarily harmful, this item is really unnecessary and can be safely removed from sys32.  Now, this is just my feeling, but, if this d3d9caps.dat was really a critical component, would not it be restored upon retrieving Windows high-priority updates?  Yet, it is not. 

Regarding ICAutoUpdate.log.bak, what I have been able to extrapolate is that it is an item commonly found on Lenovo laptops of which the independent system I discussed earlier IS a Lenovo X200 laptop! 

If you have more information with respect to d3d9caps.dat or ICAutoUpdate.log.bak, feel free to “jump in” (so to speak).

Regards,

H.B.