Citrix user sessions are held open by ccSvcHst.exe during log off
Last Updated January 15, 2015
If user profiles have been configured to be deleted during log off, either by Citrix or Group Policies, the deletion might fail and a new profile created upon next logon.
During a scan the SEP client holds a handle on the scan log located in \Users\%username%\AppData\Local\Symantec\Symantec Endpoint Protection\Logs\mmddyyyy.log. The handle is not closed when the scan is stopped, which prevents the profile from being deleted.
The issue has been resolved by upgrading the SEP Client to version 12.1 RU5 or higher and implementing the following registry key: