Some time ago I have been pointed out that one of my posted PDF files tried to initiate a connect to some IP address
. After some investigation, results were published in certain post's comments here
Also numerous publications around internet news/blogs/reviews keep popping around this issue.
Naturally I felt certain responsibility to look for a solution here. Since still no ready tools are available to clean this script off the PDF files I decided to go further and try to remove it myself and publish the results here. I hope that this info will be useful to all posters of this blog who come in touch with this issue.
The problem comes in two varieties - for the one who tries to read the file with this script, and for the one who wants to post a file containing it. In the first case it is enough to use a freeware PDF reader, or acroreader version lower, than 6. Also firewall rule may be created if one chooses this approach. Here I should also point out, that Linux version of acroreader 7 also "calls home", while xpdf is still immune to this script.