Norton AntiVirus found a copy of Trojan.ByteVerify on my system. It exploits an April 2003 bug in the MS Java VM.
I'm good at patching my system and the place the virus phones home is offline, so I'm presumably safe. But how would I know for sure? And why did the active virus protection allow this file to be written at all?
Java is useless for embedding in web pages anyway. I probably should turn it off.