I found this same code in almost all HTML files one of my computers too. I found this thread while googling for "jL.chura.pl".
Here is the full story: One of my computers has been infected with a very malicious virus a few days ago. The virus was identified by F-prot as "W32/Virut.AI!Generic" and Avast identified it as "Win32:Vitro". They're probably the same virus because it was detected by both programs in exactly the same files. It infects exe files and installs a rootkit that makes it very hard to detect ... then it opens a "gate to hell" on the infected machine as it downloads all sorts of trojans and malware ...
I'm not a novice user ... I'm a software developer and I'm usually cautious ... this is the first virus to infect my computer since 6 or 7 years ago and I can assure that it's really really nasty ... I had to get rid of the entire system and reinstall Windows from scratch to get rid of that virus.
I think one of the activities that this virus does is inject the iframe code mentioned in the above posts into all html files it finds ... Among the infected files are the signature files for Outlook, which means the injected code would reach any one I send an email to. I believe Avast ought to remove this code from HTML files during scanning but unfortunately it doesn't do this currently, and the code goes undetected.
To get rid of this issue: First of all, you have a bigger problem, which is the Win32:Vitro ... you should get rid of that first. Next, I used a free program called grepWin (from
http://tools.tortoisesvn.net) ... it's a very fast file search utility ... use its regular expression search to search for:
<iframe src="http://jL\.chura.*</iframe>
in all "*.htm*" files and replace it with an empty string or with something like
<!-- churs.pl was here! -->
if you like.
I hope this helps someone ...