Jump to content

Malwarebytes identifies Scintilla.dll as a threat (from MySQL Workbench)


Recommended Posts

Just yesterday (August 19, 2014) Malwarebytes identified the Scintilla.dll file in my MySQL Workbench installation directory as containing the "backdoor.bot" trojan virus.  Malwarebytes blocked the perceived threat by quarantining the Scintilla.dll file (effectively removing it from the MySQL Workbench directory).  And then, of course, MySQL Workbench would not run correctly afterward.

So, I uninstalled MySQL Workbench, downloaded it again from www.mysql.com/products/workbench, and then re-installed it, but upon re-installation, the file was immediately identified again as a threat by Malwarebytes.  Now, I cannot run MySQL Workbench on my machine (unless I make an exclusion for the Scintilla.dll file in my Malwarebytes settings, which I am not yet comfortable in doing).

I have been using MySQL Workbench for several weeks without any issues at all until yesterday.

So, is this a false positive detection by my Anti-Malware program, or is there something wierd going on with Scintilla.dll?  Does is truly contain a virus?


In order to be able to attach the file, I first restored the Scintilla.dll file from quarantine in Malwarebytes.  I then changed the filename from "Scintilla.dll" to "Scintill.dll.txt" (since .dll files are not permitted to be uploaded).  I then compressed (zipped) the "Scintilla.dll.txt" file, and then attached this compressed text file.

*System details*
MySQL Workbench version: MySQL Workbench 6.1 CE
MySQL Workbench installation file: mysql-workbench-community-6.1.7-win32.msi
My computer: Windows 7, 64-bit Operating System
Malarebytes Anti-Malware version:,  database v2014.08.19



Thank you very much for your help!




Link to post
Share on other sites




OK, I just now opened the MySQL Workbench, and it is working again successfully, and Malwarebytes is no longer quarantining the Scintilla.dll file as a threat.


As stated previously, I had restored the Scintilla.dll file from quarantine from within Malwarebytes (to be able to send the compressed version of the file with my original post earlier today).



So, was yesterday's quarantine of this file a false positive, and now that the Malwarebytes database has been updated, this file is no longer considered a threat?


I assume it is safe to continue using the MySQL Workbench program, now that Malwarebytes is not identifying any problems?



Thanks very much,



Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.