> 1 - how can i stopped the php shell and perl shell ??
you should find and remove the shell, manually or using some anti-virus software, e.g. watchdog in plesk or server anti virus
also you can forbid all system commands in the php, e.g. exec, system and so on. most shells use them for files/folder manipulation.
> 4 - what about " mod_suphp " if i have hosting company do you
> recommend use " mode_suphp " or no ? if yes .. please tell me
> why and how can i install it ?
it is good thing. it executes thу php script under the needed user, it is good because if this php script will be a hackers shell, the hacker will be not able to hack all accounts on the server, he will be able to work only under some specific user and will be not able to receive access to the other users on the same server.
as for mod_suphp installation, "my.cnf " and " httpd.conf" please ask your hosting administrator to check it.
it is not possible to answer all these questions on this forum unfortunately. without the server access and without the server configuration analysis.