Many adware cookies and browser hijackers can be neutralized by configuring browser Privacy settings to disable third-party cookies and block pop-ups. Exceptions can be made for legitimate websites that require these features to operate correctly, preferably by importing a company-defined list of permitted sites. Pop-up blockers are freely available from many sources, including the Windows XP SP2 upgrade tor Internet Explorer and the Google Toolbar.

Use Internet Explorer's Restricted Site Zone (or equivalent features in other browsers) to block access to known adware and spyware sites. But do not attempt to populate this list manually. Instead, use a tool like JavaCool SpywareBlaster to configure this banned site list, and update that list regularly as new sites emerge.

Many spyware programs need administrative rights to install themselves, overwrite OS tiles or disable security measures in an effort to evade detection. Those threats can he crippled or neutralized by browsing the Web from a LeastPrivileged User Account (LUA). Never browse the Web as administrator. If you must, use a free tool like Microsoft DropMyRights to downgrade privileges when launching your browser (or any other Internet application).

A significant percentage of spyware has been designed specifically to exploit Internet Explorer features or vulnerabilities. Diligent patching can make a big difference, as can upgrading to a newer version of IE. Security improvements found in IE version 7 include ActiveX opt-in, a "No Add Ons" mode, a "Fix My Settings" option, and better protection from cross-domain scripting attacks. Or consider using an alternative browser like Firefox for general Web surfing, reserving IE for known/trusted sites that do not work well otherwise. Alternative browsers may be a less popular spyware target, but they still require secure eonfiguration and patching.Continued