Colour me confused as fidmas first reported this in a .pps attachment "Got an email with a .pps attached this morning."
Details for file extension: PPS - PowerPoint Slideshow (Microsoft Corporation)
Now that has changed to being in a pdf file, which is it ?
In either case iFrame injection into the file is possible so I wouldn't take it as an FP. PDFs are now being seen more in the viruses and worms forum as being infected, but not usually as iFrame infection.
If you still have the attachment, don't open it, save it to your hard disk and upload to virustotal for scanning.
You could also check the offending/suspect file at:
VirusTotal - Multi engine on-line virus scanner and
report the findings here the URL in the Address bar of the VT results page. You can't do this with the file securely in the chest, you need to extract it to a temporary (not original) location first, see below.
Create a folder called
Suspect in the
C:\ drive. Now exclude that folder in the
File System Shield, Expert Settings, Exclusions, Add, type (or copy and paste)
C:\Suspect\* That will stop the File System Shield scanning any file you put in that folder. Do this before you save the email attachment to this folder.