Xenapp AntiVirus Exclusions

Reading Time: 2 minutes

The following antivirus exclusions should be applied to all Citrix infrastructure servers:

– Set real-time scanning to scan local drives only and not network drives
– Disable scan on boot
– Remove any unnecessary antivirus related entries from the Run key
– Exclude the pagefile(s) from being scanned
– Exclude IIS log files from being scanned
– Exclude Windows event logs from being scanned

Below are the recommended antivirus exclusions, by Citrix product:

Citrix Profile Manager Agent:

– Do not scan on open or status-check operations
– UserProfileManager.exe

EdgeSight Agent:

– <AllUsersProfile>\Application Data\Citrix\System Monitoring\Data
– \ProgramFiles\Citrix\System Monitoring\Agent\Core\rscorsvc.exe
– \ProgramFiles\Citrix\System Monitoring\Agent\Core\Firebird\bin\fbserver.exe


– \CommonProgramFiles\\Citrix\System Monitoring\Server\RSSH
– \ProgramFiles\Citrix\System Monitoring\Server\EdgeSight\scripts\rssh
– \ProgramFiles\Citrix\System Monitoring\Server\EdgeSight\Pages
– \ProgramFiles\Microsoft SQL Server\MSSQL\Reporting Services
– \ProgramFiles\Microsoft SQL Server\MSSQL\Data
– \SystemRoot\SYSTEM32\Logfiles

Provisioning Services Server:

– Exclude scanning of Local vDisk Store
– \Windows\System32\drivers\CvhdBusP6.sys
– \Windows\System32\drivers\CfsDep2.sys
– \Program Files\Citrix\Provisioning Services\BNTFTP.EXE
– \ProgramData\Citrix\Provisioning Services\Tftpboot\ARDBP32.BIN
– \Program Files\Citrix\Provisioning Services\StreamService.exe
– \Program Files\Citrix\Provisioning Services\StreamProcess.exe
– \Program Files\Citrix\Provisioning Services\soapserver.exe


– Exclude scanning of Write Cache
– \Program Files\Citrix\Provisioning Services\BNDevice.exe
– \Windows\System32\drivers\bnistack6.sys
– \Program Files\Citrix\Provisioning Services\TargetOSOptimizer.exe
– \Windows\System32\drivers\CfsDep2.sys
– \Windows\System32\drivers\CVhdBusP6.sys

Target – Personal vDisk:

– CTXPVD.exe
– \Program Files\Citrix\Personal vDisk\BIN\WIN7\

XenApp Controller:

– Windows\system32\csrss.exe
– Windows\system32\winlogon.exe
– Windows\system32\userinit.exe
– Windows\system32\smss.exe
– Program Files\Citrix\Group Policy\Client-Side Extension\CitrixCseEngine.exe
– Program Files (x86)\Citrix\System32\wfshell.exe
– Program Files (x86)\Citrix\system32\ctxxmlss.exe
– Program Files (x86)\Citrix\System32\CtxSvcHost.exe
– Program Files (x86)\Citrix\system32\mfcom.exe
– Program Files (x86)\Citrix\System32\Citrix\Ima\ImaSrv.exe
– Program Files (x86)\Citrix\System32\Citrix\Ima\IMAAdvanceSrv.exe
– Program Files (x86)\Citrix\HealthMon\HCAService.exe
– Program Files (x86)\Citrix\Streaming Client\RadeSvc.exe
– Program Files (x86)\Citrix\Streaming Client\RadeHlprSvc.exe
– Program Files (x86)\Citrix\Independent Management Architecture\RadeOffline.mdb
– Program Files (x86)\Citrix\Independent Management Architecture\imalhc.mdb

Session Host:

– \Windows\system32\spoolsv.exe
– \Windows\system32\csrss.exe
– \Windows\system32\winlogon.exe
– \Windows\system32\userinit.exe
– \Windows\system32\smss.exe
– \Program Files\Citrix\Group Policy\Client-Side Extension\CitrixCseEngine.exe
– \Program Files (x86)\Citrix\System32\wfshell.exe
– \Program Files (x86)\Citrix\system32\CpSvc.exe
– \Program Files (x86)\Citrix\System32\CtxSvcHost.exe
– \Program Files (x86)\Citrix\system32\mfcom.exe
– \Program Files (x86)\Citrix\System32\Citrix\Ima\ImaSrv.exe
-\Program Files (x86)\Citrix\System32\Citrix\Ima\IMAAdvanceSrv.exe
– \Program Files (x86)\Citrix\HealthMon\HCAService.exe
– \Program Files (x86)\Citrix\Streaming Client\RadeSvc.exe
– \Program Files (x86)\Citrix\Streaming Client\RadeHlprSvc.exe
– \Program Files (x86)\Citrix\XTE\bin\XTE.exe
– \Program Files (x86)\Citrix\Independent Management Architecture\RadeOffline.mdb
– %AppData%\ICAClient\Cache (if using pass-through authentication)
 XenClient Synchronizer:

– \Program Files\Citrix\Synchronizer|

XenDesktop Controller:

– \Windows\system32\csrss.exe
– \Windows\system32\winlogon.exe
– \Windows\system32\userinit.exe
– \Windows\system32\smss.exe

Controller – pre-XenDesktop 7.x:

– \Program Files\Citrix\Group Policy\Client-Side Extension\CitrixCseEngine.exe
– \Program Files (x86)\Citrix\System32\wfshell.exe
– \Program Files (x86)\Citrix\system32\ctxxmlss.exe
– \Program Files (x86)\Citrix\System32\CtxSvcHost.exe
– \Program Files (x86)\Citrix\system32\mfcom.exe

Windows Server OS Machines – XenDesktop 7.x:

– \Windows\system32\spoolsv.exe
– \Windows\system32\csrss.exe
– \Windows\system32\winlogon.exe
– \Windows\system32\userinit.exe
– \Windows\system32\smss.exe
– \Program Files\Citrix\Group Policy\Client-Side Extension\CitrixCseEngine.exe
– \Program Files (x86)\Citrix\System32\wfshell.exe
– \Program Files (x86)\Citrix\system32\CpSvc.exe
– \Program Files (x86)\Citrix\System32\CtxSvcHost.exe

Soure and for more info – Citrix Consolidated List of Antivirus Exclusions

Replicating print driver xenapp 6.5

Reading Time: < 1 minute

Launch Powershell on a source server (ZDC server often used) as administrator. Ensure the status bar states ‘administrator’

Note, if copying the command from point 8 below, you may need to reenter the speech marks ( ” )

1) UNC path to your print server and install the printer. This will allow for the print driver to be installed on your source server (ZDC)
2) Type: Set-ExecutionPolicy RemoteSigned
3) Press Enter twice
4) Type the letter ‘Y’ and enter
5) Type: Add-PSSnapIn Citrix.*
6) Press Enter
7) Type Get-XAPrinterDriver –Servername XenappServername (Where XenappServername is your source server e.g. ZDC) – This command will list all drivers installed on your source server. Including the new driver)
8) Finally, type: Add-XAAutoReplicatedPrinterDriver “Print Driver Name” -SourceServerName XenappServername (Where XenappServername is your source server e.g. ZDC)
9) To display a list of drivers currently within your replication list type: Get-XAAutoReplicatedPrinterDriver
10) Replication throughout the farm can take up to 20 minutes

How to recreate citrix local host cache (LHC)

Reading Time: < 1 minute

Clearing the Local Host Cache on a Citrix server can sometimes help resolve many issues on a Xenapp/Citrix server including, if the Citrix IMA service fails to start or the local host cache becomes corrupted.

To recreate the local host cache:

1) Stop the Citrix IMA service
2) Open a command prompt
3) Type: dsmaint recreatelhc
4) Press enter
5) Restart the Citrix IMA service

The server holding the data store server must be available for dsmaint recreatelhc to work. If the data store is not available, the Citrix IMA Service will fail to start.

What does running dsmaint recreatelhc do?

Running the above command will:

1) Set the value at HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Citrix\IMA\ RUNTIME\PSRequired to 1. If using 32bit Edition the key is located at HKEY_LOCAL_MACHINE\SOFTWARE\Citrix\IMA\ RUNTIME\PSRequired to 1 on XenApp

2) Deletes the existing local host cache located on your server (Imalhc.mdb)

3) Finally recreates an empty local host cache (Imalhc.mdb)

So if you’re experiencing issues, it’s worth ago.

Disable Citrix Desktop Wall Paper

Reading Time: < 1 minute

1) Launch Citrix App Centre
2) Click policies
3) Click user policies
4) Located Desktop Wallpaper
5) Change to Prohibited. See screen shot below.

If you wish to set a blue wall paper for Citrix users:

1) Launch Group Policy Management console
2) Create a new policy or amend an existing
3) Expand User Configuration, Policies, Administrative Templates, Control Panel, Personalization
4) Double click ‘Force a specific visual style file or force Windows Classic’
5) Set to enable