This article details some of the important file folders, services, and registry entries used by PGP Encryption Desktop (Symantec Encryption Desktop)

To resolve some issues with PGP profile you need to delete PGP folders and re-enroll the PGP client, for example, when getting policy from server is needed, but PGP tray is disabled by organization policy.

PGP Desktop Folders

%USERPROFILE%\My Documents\PGP

This is the default location for the private and public keyring files that store the PGP Encryption Desktop encryption keys. This folder is not automatically deleted when PGP Encryption Desktop is uninstalled as that would destroy the PGP keys that are contained inside it.

%USERPROFILE%\Application Data\PGP Corporation\PGP

This is the location where preferences and policy files are stored for PGP Encryption Desktop. This is also the location where the PGP Encryption Desktop log files are kept in a text file form. If enrollment fails it may be useful to delete this folder and start over after stopping the PGP services.

 

PGP Encryption Desktop Services

PGPTray.exe

This service starts PGP Desktop services when a client computer's services start. The service is added to %USERPROFILE%\start menu\programs\startup folder. This executable checks the preference files located in Application Data (PGP folder) to see if a user already is enrolled and has existing policy. It also checks the PGPSTAMP registry entry for the FQDN of the PGP Universal Server and where to check for policy.

PGPServ.exe

This is the underlying service and service structure for other PGP Desktop services. It is independent of the PGPTray.exe services and may need to be stopped in order to delete the PGP folder in Application Data. It will also need to be started before PGPTray.exe and/or PGP Desktop can be run. PGPServ is started and stopped in the Services tool in Windows. 

PGP Encryption Desktop Registry Entries

PGPSTAMP

This is a registry entry

On 32-bit Windows it's located here: HKEY_LOCAL_MACHINE\SOFTWARE\PGP Corporation\PGP

For 64-bit Windows it is located here: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\PGP Corporation\PGP

In non-managed installations of PGP Encryption Desktop the entry reads Default PGP Stamp. In PGP Encryption Management Server managed environments of PGP Encryption Desktop, this entry is used to determine what PGP Universal Server should be checked with for policy and the stamp will display something similar to:

ovid=keys.example.com&mail=hq-examplemail&admin=1

ovid =someservername refers to the hostname of the PGP Encryption Management Server that the client receives checking policy from.

mail=somemailserver refers to the WINS name or hostname of the mail server that the user utilizes to check mail.

&admin=1 is a PGP reference mark only and does not need to be modified.