The problem most likely is with one of the certificates in the chain, or timestamp or OCSP/CRL. Those are resources that are BER-encoded. The error that you get means that some (one) of these resources is malformed. It may happen during online fetching of a resources (timestamp/OCSP/CRL) or, more likely, some certificate in the chain got somehow corrupted. Without access to the machine (and no, I cannot do a remote access), it is difficult to tell what exactly is wrong. Uninstalling and reinstalling Acrobat will not change anything as this is a malformed BER-encoded resource, not the Acrobat's code.
In the past I saw instances when some CAs issued certificates (even ICA certificates) that did not follow exactly the standard set in RFC 5280, like containing additional non-standard fields. (This sometimes happens when people set up their own CA using OpenSSL and not doing it right). When Acrobat tries to BER-decode such certificates it gives BER-decoding error.
So, generally there are two reasons that you can get this error: resource (certificate or timestamp, if you have your own timestamp server) or a resource corrupted on disk.
I do not think that it's the certificate itself, because we installed an alternative PDF Editing program and the user is able to insert the signature without any trouble.
The issue is that the individual was able to sign documents for weeks and months with no problems whatsoever, which doesn't really give me much more to go on but leaves me wondering what could be at the root of the problem.
Is there any way to completely remove all the BER-encoded resources on the user's computer and start from scratch with them?
I have solved this issue.
For anyone else who has this type of problem, follow these steps:
Go to the Windows Certificate Manager (certmgr.msc)
Delete all certificates under Personal
Go back to Adobe and recreate an ID using the Security settings.
A different PDF creation tool may be not as stringent as Acrobat in following the standards, and may ignore some problematic certificates which may result in security violations. Just because someone else does that is not necessarily a good thing.
I am glad that your solution worked for you but it is not universal. Other users may experience the same error but for different reasons in which case your solution will not work.