Today I realized that spamers were using my web site for spam, and problem was com_mailto component.
This is one example of link.
For now I don't have solution, I just deleted that component from my web site.
It seems that problem was with this:
6. Use proper permissions on files and directories. They should be max permissions of 644 for files & 755 for folders with no exceptions.
Taken from here.
Just to be sure, deleted com_mailto component, since I am still blacklisted, as spamer :(