The Wall Street Journal has a good piece up on "legal" vendors of computer surveillance products. One of the tactics described involves fake updates to programs that nearly everyone uses, such as Adobe Flash.
The only way to combat this tactic (near as I can see) is to download updates from the vendor sites -- that is, if you think you need to update Flash, go to Adobe. You may also want to go to Start Menu/MSCONFIG to make sure that no automatic updater modules are among your startup programs.
Whatever you do, don't give in to defeatism: "Oh, there is no privacy on the internet anyway. If you're not doing anything wrong, you have nothing to worry about." That attitude is sheepish -- even swinish.