Proactive ISP

[Wazoo]

After the better part of a day trying to resolve some issues over the phone, had a gal bring her system to the house. Way too many hours spent on trying to rectify the damage from three virii/trojans and a rootkit infection. She picked the thing up around noon. However, when she eventually got home and hooked it up, she got a pop-up about the 'limited bandwidth' on the network icon (XP) Fiber to the house, split out via a NetGear switch, one to the computer, the other to a set-top box for the TV. Unplugging the ethernet cable from the computer showed the activity lights following the cable, so that semed to indicate traffic from the computer to/from the switch. However, still coming up with the 169.x.x.x address, and attempts at a 'Repair' function failed due to an issue with not finding a DHCP server.

I had her call her ISP. I just got off the phone with the service guy that showed up at her house. He'd plugged in his laptop which came right up, showing no problem. So his next move was to call the office and ask if they had actually blocked her (via the MAC Address) He stated that Heart of Iowa Communications [using netINS for infrastructure]) had started doing this within the last year or so. When they saw signs of an infected, spewing computer, they cut off access fom that computer .... customer being advised that they wouldn't get reconnected until the system was cleaned up. (The bad part was that if this was the case, then he was going to have to figure out why the person handling her previous phone calls hadn't relayed this information.)

I asked him to pass on the thanks from all of us about the proactive stance taken by that ISP.

This is the second ISP I've personally seen doing this. Qwest was the first. A lady down the street bought a computer from a teenager (so hard not to believe that it wasn't 'hot' .... maybe $2,000 worth of computer for only $100, but I digress ..) It was also working her "the Internet doesn't work" problem that I found out just how brain-dead MSN Explorer was .. it wouldn't follow the re-direct to the page that Qwest provided to explain the situation. Again, clean it up or never get connected again. That page offered working links to several anti-virus sites and Microsoft updates, but that was it. All in all, pretty nifty in my mind.

[Farelf]

Good to hear. I have commented before that the Australian regulatory authority actually, sort of, requires this behavior of 'our' ISPs - http://www.acma.gov.au/WEB/STANDARD/pc=PC_310325 (hopefully the right link, their server is down for maintenance just now). Just a voluntary code, no evidence of actual compliance that I'm aware of but the experiences you describe would be a bluprint for how it is intended to work - once the the little 'Catch 22' of notifying and leading the owner/user to the resources when their connection is disabled is overcome. Repair-shop success in disinfecting computers seems to be 'variable' (to put it kindly) from the commentary one sees but I guess the 'horror stories' are more newsworthy, one seldom hears of the Wazoos of the world quietly putting things right in the 'background'. All of which makes your post particularly welcome.

[Geek]

Nice to hear some ISP's doing this instead of "wait until x-number of complaints, then snip.."

Cheers!

[Miss Betsy]

I think that my ISP does something similar. At least, I have heard tales of people whose computer wasn't 'working' and then that they had to have it cleaned up.

Miss Betsy