after some of my research its caused by a extension for firefox imho [adware, k-lite codec Pack]
if you post on a cms/forum/webapp using a textarea, during the POST process is this little piece of markup added in the end
<div id="jsseunrwnoeo"><div id="ocfipreoqyfb" class="simple_mutex">mutex/ocfipreoqyfb/mutex</div></div>
people went mad cuz of this, the string "mutex/ocfipreoqyfb/mutex" was added even to website titles, forum posts, emails and so on..
after some deeper research i stepped over a different string than the usual one class="simple_mutex" id="ocfipreoqyfb" origin="safe_url_2"
i was curious about the origin, so i searched via google alerts and bang!
safe_url_2 >> safe_url__2.exe >> Solvusoft >> "und eine mögliche Infektion mit Viren" DE>EN "and a possible infection with viruses"
google?safe_url__2.exe >> reasoncoresecurity.com >> Detection: PUP.Vondos.BrowserSec >> Browser-Security Addon
google?Solvusoft >> Sophos:Solvusoft StaticBuild Installer - Adware and PUAs
fast reverse of the addon/extension
var className = 'simple_mutex';
mWrapper = doc.createElement('div');
var checkContent = 'mutex'+'/'+key+'/'+'mutex';
docMutexDiv.textContent = checkContent;
docMutexDiv.style.display = 'none';
so i searched where addon/extension was included, so it appeared that its smuggled with the k-lite codec pack.
in short: Man in the Browser which interest lies in ads. so if a person will post on a forum, portal, cms, or what ever web based, he will automatically get this markup added and the person most likely wont know where it comes from.
propably the authors of the addon/extension fckd something up.
imho, if you are not a codec expert, avoid k-lite and simply install/use VLC