mbr rootkit....is this an FP?

well.............i hv prevx free.......with avira security v9 no problem..prevx scan always came clean......then i removed avira and installed my licensed Dr web and outpost pro....10 min later prevx warns..............mbr rootkit....dr.web express scan comes clean...........i rollback with rollback8.1 to the image that is taken on every first boot of the day.........it has avira.....prevx scan....is clean after rollback.........so
1.was this alarm a fp?
2.if not what were Dr web and outpost doing?
3.after rollback i still hv that image where infection was detected should i delete it? thanks..
two screen shots first with dr web and outpost prevx says infected........and second after rollback the scan is clean...

 

Hello,
I suspect that one of the security products modifies your MBR during uninstallation. If you experience the issue again, please let me know and I'll see exactly what is causing it.

 

rollback modifies the mbr , afaik

 

thanks for your reply...........btw i again rollbacked to the image where prevx warned of mbr..........removed prevx and again installed it ..........this time the scan came clean..............so it has to be a FP and something to do with the real time scanning of prevx............pls take a look at this issue for such warnings are a bit too much for my tender heart