I've said it before, and I'll repeat it again: for most users behind a router, the default Microsoft Firewall is perfectly adequate. In most cases people don't know how to set up firewalls and end up with them disabled or incorrectly set.
Only time anything better is needed, is if the PC is directly connected to the internet, or if you have users with unsafe browsing habits.

A firewall isn't designed to protect against this kind of attack anyway: you need a good antivirus / antimalware program, preferably with some kind of HIDS detection
One of the most consistent is still the free AVAST! program, as long as you turn on the "antiPUP" scanning and automate the cleanup routines