IT Mamak

Exploit.PDF-9669 was detected on older version of ClamAV.
Most HTML encoded email received seems to be matching on older version of ClamAV.
It seems to be a false positives matching on this signature.

Here is a temporary solution:

edit daily.hdb file
vi /usr/share/clamav/daily.inc/daily.hdb

comment this line as below
#d41d8cd98f00b204e9800998ecf8427e:0:Exploit.PDF-9669

and then restart the service

This problem will be solved for temporary.

I get this solution from this thread:
http://www.gossamer-threads.com/lists/clamav/users/37880

The permanant solution is

update your ClamAV to 0.95.3 and update your daily.inc or daily.cvd.