Upgrade fails leaving MID Server DOWN, due to antivirus/security software flagging InjectorService.exe as Malware/TrojanDescriptionSeveral Antivirus/Security tools, including VirusTotal, Rapid7, ePolicy Orchestrator and Windows Defender flag up or delete InjectorService.exe. This hasn't been in new MID Server installs since Jakarta, but does remain in upgraded MID Servers.\agent\bin\sw_wmi\bin\32\InjectorService.exe\agent\bin\sw_wmi\bin\64\InjectorService.exe This will also cause the Upgrade service to fail due to the anti-virus locking that file as the upgrade tries to delete it, leaving the MID Server DOWN.Steps to Reproduce On a windows server host running Windows Defender, or any other anti-virus.Install a Geneva to Istanbul MID Server and upgrade to New YorkThe upgrade will probably fail with a similar error to this in the wrapper/upgrade log, leaving the MID Server down: INFO | jvm 1 | 2020/10/13 10:53:59.601 | INFO: C:\agent\bin\sw_wmi\bin\64\InjectorService.exe cannot be deleted: C:\agent\bin\sw_wmi\bin\64\InjectorService.exe (Operation did not complete successfully because the file contains a virus or potentially unwanted software)INFO | jvm 1 | 2020/10/13 10:53:59.601 | Retrying in 1000ms...WorkaroundThis problem is currently under review. You can contact ServiceNow Technical Support or subscribe to this Known Error article by clicking the Subscribe button at the top right of this form to be notified when more information will become available. This file has not been needed since the Jakarta release. New MID Server installs since Jakarta have not included this file. It can safely be manually deleted from all MID Server installations before upgrading to avoid this issue. Follow the steps below: Locate the InjectorService.exe files\agent\bin\sw_wmi\bin\32\InjectorService.exe\agent\bin\sw_wmi\bin\64\InjectorService.exeManually delete the InjectorService.exe filesRestart the MID Server Future upgrades will not have a problem from these files.Related Problem: PRB1437357