There are many steps you can take to prevent the installation of spyware/grayware onto your endpoint. Trend Micro suggests the following:
Configure all types of scans (Manual Scan, Real-time Scan, Scheduled Scan, and Scan Now) to scan for and remove spyware/grayware files and applications. See Scan Types for more information.
Educate your agent users to do the following:
Read the End User License Agreement (EULA) and included documentation of applications they download and install on their computers.
Click No to any message asking for authorization to download and install software unless agent users are certain both the creator of the software and the website they view are trustworthy.
Disregard unsolicited commercial email (spam), especially if the spam asks users to click a button or hyperlink.
Configure web browser settings that ensure a strict level of security. Trend Micro recommends requiring web browsers to prompt users before installing ActiveX controls.
If using Microsoft Outlook, configure the security settings so that Outlook does not automatically download HTML items, such as pictures sent in spam messages.
Do not allow the use of peer-to-peer file-sharing services. Spyware and other grayware applications may be masked as other types of files your users may want to download, such as MP3 music files.
Periodically examine the installed software on your agent computers and look for applications that may be spyware or other grayware.
Keep your Windows operating systems updated with the latest patches from Microsoft. See the Microsoft website for details.