IntegraMOD

I have a member on my forum, that keeps getting a PDF Exploit message while posting on our forum.

Anyone hear of this or know what it is?

do you know the origin of all the images on your site? It is probably a hyperactive internet security prog on his computer like MCaffee. Just to be safe you should go through your template posting_*.tpl files and look for any added code. Also delete your cache manually through ftp to be sure you dont have any injected files.

All images I have put myself.
Mostly advertising.

I just found it strange that it is only him getting it.

I read up on it and apparently Adobe products have a large security hole where hackers use attachments like refund.pdf, receipt.pdf, cash.pdf. These are used to entice the user to open the attachment, and once open, a .exe file starts up and shuts off the Windows firewall, and uploads all personal info, login and passwords too.
They have fixed this issue, but users have to update there Adobe products to the latest version.

Mainly Adobe Reader and one other free program I can't think of right now.

This user tells me he is using an old version of reader, but can't get his computer to update it.
I figured the problem was on his computer, but thought I would ask you guys about it.

I'll check things out tonight when i get home.