Monday, August 27, 2007

Srizbi , Full-Kernel Rootkit Malware

hi folks,
In the last few days I came across a new rootkit malware named Trojan.Srizbi (aka Troj/RKAgen-A, Rootkit:W32/Agent.EA) that has the capability of bypassing firewalls and IDS systems and also tries to delete competitor rootkits.
This malware hooks ZwOpenKey and ZwEnumerateKey, and also hooks the IRP_MJ_CREATE and IRP_MJ_DIRECTORY_CONTROL dispatch routines of the NTFS file system driver (\FileSystem\Ntfs). The Trojan also creates the files %System%\windbg48.sys and %System%\[RANDOM NAME].sys.
The Trojan attempts to connect to several servers to download configuration files.
The polymorphic code used in Trojan.Srizbi is very similar to the Backdoor.Rustock.B packer, but more advanced. Srizbi is currently being spread via iframe exploit kits such as MPack; this YouTube video shows websites using iframes and the MPack installer to attack a PC.
You can read more information on Symantec.
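The two hooking techniques named above (SSDT entries for ZwOpenKey/ZwEnumerateKey, and the NTFS driver's IRP dispatch entries for IRP_MJ_CREATE/IRP_MJ_DIRECTORY_CONTROL) are the classic way a kernel rootkit hides its registry keys and its .sys files from enumeration. The usual detection heuristic is a pointer-range check: every entry of the SSDT should point into ntoskrnl.exe, and every entry of a driver's dispatch table should point into that driver's own image; anything pointing elsewhere is a hook. The following Python is an added example of that check, not code from the post or from any anti-rootkit tool. The module bases, sizes and table addresses are constructed sample values; only the IRP_MJ_* codes are real Windows constants, and the file name windbg48.sys is the one the post reports.

```python
"""Pointer-range check for kernel dispatch-table hooks (added example).

All module bases/sizes and table entries below are constructed sample data
standing in for what an anti-rootkit tool would read from kernel memory.
"""

# Real IRP major function codes (wdm.h).
IRP_MJ_CREATE = 0x00
IRP_MJ_DIRECTORY_CONTROL = 0x0C
IRP_MJ_MAXIMUM_FUNCTION = 0x1B

# Constructed loaded-module list: name -> (image base, image size).
MODULES = {
    "ntoskrnl.exe": (0x804D7000, 0x1F8000),
    "Ntfs.sys":     (0xF8300000, 0x08A000),
    "windbg48.sys": (0xF9C00000, 0x006000),   # dropped driver named in the post
}


def module_for(addr, modules):
    """Return the name of the module whose image contains addr, or None
    (None usually means a hidden/unlinked driver, itself a red flag)."""
    for name, (base, size) in modules.items():
        if base <= addr < base + size:
            return name
    return None


def find_hooks(table, owner, modules):
    """table: mapping of entry label -> function pointer.
    owner: module that legitimately owns every entry of that table.
    Returns [(label, address, module_or_None)] for entries outside owner."""
    hooks = []
    for label, addr in sorted(table.items()):
        where = module_for(addr, modules)
        if where != owner:
            hooks.append((label, addr, where))
    return hooks


def build_sample_tables(modules=MODULES):
    """Constructed SSDT and NTFS dispatch table reflecting the hooks the post
    describes: two SSDT entries and two IRP_MJ entries redirected into
    windbg48.sys; everything else points into its rightful owner."""
    nt_base, _ = modules["ntoskrnl.exe"]
    ntfs_base, _ = modules["Ntfs.sys"]
    rk_base, _ = modules["windbg48.sys"]

    ssdt = {
        "ZwClose":        nt_base + 0x9A000,
        "ZwCreateFile":   nt_base + 0x9B000,
        "ZwOpenKey":      rk_base + 0x2000,   # hooked
        "ZwEnumerateKey": rk_base + 0x2100,   # hooked
    }
    ntfs_dispatch = {mj: ntfs_base + 0x1000 + mj * 0x40
                     for mj in range(IRP_MJ_MAXIMUM_FUNCTION + 1)}
    ntfs_dispatch[IRP_MJ_CREATE] = rk_base + 0x1200             # hooked
    ntfs_dispatch[IRP_MJ_DIRECTORY_CONTROL] = rk_base + 0x1480  # hooked
    return ssdt, ntfs_dispatch


def scan(modules=MODULES):
    """Run the range check over both tables and return the findings."""
    ssdt, ntfs_dispatch = build_sample_tables(modules)
    return {
        "ssdt": find_hooks(ssdt, "ntoskrnl.exe", modules),
        "ntfs": find_hooks(ntfs_dispatch, "Ntfs.sys", modules),
    }


if __name__ == "__main__":
    for table, hooks in scan().items():
        for label, addr, where in hooks:
            target = where or "<no known module: possibly hidden driver>"
            print(f"[{table}] entry {label!r} -> {addr:#010x} in {target}")
```

The same function serves both tables because the principle is identical; in a live tool the inputs would come from reading KeServiceDescriptorTable and the target DRIVER_OBJECT's MajorFunction array, and the module list from the kernel's loaded-module list, which a rootkit may also have tampered with, hence the explicit handling of addresses that fall in no known module.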

