I understand the basic's of how some spyware works.

e.g: Using ActiveX controls on a web page, that prompt the user to install it and then the ActiveX control proceeds to download applications which it then launch's, infecting you computer.

Can anyone tell me or point me to a website that explains exactly how this is done.

Also i have visited some sites that still manage to download DLL's and executables onto my hard disk with out my consent, even with ActiveX blocked and spyware running, although my anti spyware does detected it and delete it.

Are these [insert vulgar name] using known IE exploits and what are they? I would like to have a good understanding of exactly how they are doing this!

I'd appreciate any help.