Digital Signature Cache

The digital signature cache file is used during Manual Scan, Scheduled Scan, and Scan Now. Clients do not scan files whose caches have been added to the digital signature cache file.

The OfficeScan client uses the same Digital Signature Pattern used for Behavior Monitoring to build the digital signature cache file. The Digital Signature Pattern contains a list of files that Trend Micro considers trustworthy and therefore can be excluded from scans.


Behavior Monitoring is automatically disabled on Windows server platforms (64-bit support for Windows XP, 2003, and Vista without SP1 is not available). If the digital signature cache is enabled, OfficeScan clients on these platforms download the Digital Signature Pattern for use in the cache and do not download the other Behavior Monitoring components.

Clients build the digital signature cache file according to a schedule, which is configurable from the web console. Clients do this to:

  • Add the cache for new files that were introduced to the system since the last cache file was built

  • Remove the cache for files that have been modified or deleted from the system

During the cache building process, clients check the following folders for trustworthy files and then adds the caches for these files to the digital signature cache file:


  • %WINDIR%

The cache building process does not affect a computer’s performance because clients use minimal system resources during the process. Clients are also able to resume a cache building task that was interrupted for some reason (for example, when the host machine is powered off or when a wireless computer’s AC adapter is unplugged).