reply to clickwir
Re: needs to be a phone call A phone call for every infected machine is a bit time consuming as nearly everyone will demand to speak to a human. IMO, EVERYTHING is locked down on the infected machine until it is fixed. The only thing you get is a special comcast security (plus window update, and some security related site) website (all web traffic routed to that site, but no mail or anything else) that has: an explanation, a howto, mirrors/direct links to AV software, phone numbers, and a web based email client. A popup and replaced banner ad can easily be ignored and probably spoofed to fool many, but a special forced redirect is impossible to ignore fairly hard to spoof.
When I was on a campus network, if your computer started acting strange (packet that make you appear to be infected, suspicious/malicious behavior, and others), you were automatically shutdown until you contacted the network admins. I don't think something like this would work since it'll probably tick off a lot of people and the sheer number of people.