I’ve never looked for links, this is just the way I’ve always done it:
Out of the box, for some stupid reason, every Windows installation has one user, with Administrator privileges. That user can install any piece of software, and if you start browsing the web with it and click on a bad link, that link inherits the Administrator privileges. An average user can have a machine hopelessly infected in 10 minutes (1 if they’re under 25).
Before I ever get any Windows system on the Internet, I log into the default Administrator account. If setting up from scratch, name the default account “Install Software” and create a good password for it. Go into the User Accounts control panel and create a user account for every person who will use this computer, all with “Standard” or “Limited” privileges.
Only after that, get on the Internet.
Use Internet Explorer to visit one web site, and one web site only: mozilla.com and download the latest version of FireFox and install it. Once installed, visit mozilla.com again and check Ad-ons, look for “Popular” and install Adblock Plus. This will require restarting FireFox, and selecting an AdBlock Plus “subscription”.
Once you do that, you should be safe to visit java.com to install Java, Flash.com to install Flash, adobe.com to get Adobe Reader (formerly Acrobat) and carefully check every installation, choosing “Custom” every time to uncheck all those toolbar “options” that are oh-so-helpfully pre-checked.
After that, log out of the Install Software account and log into one of the Standard or Limited accounts. As long as you only use Install Software to deliberately install software that you know and have good reason to trust, you will be fairly free of Spyware infections.
Every user that I have set up in this way has a solid, working system. In every case where they did get infected, it turned out that they had given the Install Software password to their kid to install some fucking game (usually web based, and spyware ridden).
One other tip: If you are installing software, and have kids - if you step away from the machine for even a second, hold down the Windows key (the one with a flag on it) and press L. This will “lock” the account and you will have to re-enter the password to unlock it.