Before launching the Customer Internet Protection Program it announced this week, Qwest Communications conducted a year of pilot trials, discovering in the process that consumers were happy to get information about viruses or other malware on their computers, so long as it came with detailed instructions on how to clean up the mess.

“We get very positive feedback when we are able to tell them these are the steps you need to take,” said Melodi Gates, chief information security officer at Qwest. “We learned from the pilot that we needed to be very confident about steps we gave customers to fix the problem.”

The new service, which is both free and transparent to Qwest DSL consumers, alerts them to viruses that are affecting their computers or to the fact their computers are acting as “bot” or “zombie” computers because they have been hacked. Qwest identifies the problems by using a variety of tools and techniques, one of which is deep packet inspection, that can recognize problems based on traffic patterns. A message pops up in the consumer’s browser, alerting them to the problem and directing them to the CIPP site.

“We then give them very specific information about the kind of malicious software they are infected with, Gates said. “If it’s a Beagle Bagel or Spybot or Stormworm, we identify it and then we give them a serious of links and steps to disinfections tools. Microsoft and others make them available, but they can be hard to find if you don’t have specific educational pointers. After those details, we also offer a broader set of educational tips to make sure your anti-virus is current or install a personal firewall. It can be the Windows Live OneCare firewall that we offer or another one.”

A recent security study conducted by Arbor Networks showed that 60% of ISPs said their biggest security problem is zombies – computers that are under the control of hackers and are used to send spam or phishing attempts or to launch distributed denial of service (D-DOS) attacks. Very often, consumers don’t know their computers have been overtaken, since the only symptom may be slow operation or slow Internet access, which they are likely to blame on their ISP.

Qwest identifies the problem based on traffic patterns, abuse reports from other parties that are traced to a Qwest IP address, or other techniques, Gates said. “We can detect a significant amount of traffic on a given port, which may be associated with one piece of malicious software,” she said “Slammer was known to communicate on one logical port, for example.”

The company also gives the consumer a chance to delay action, if it isn’t convenient at the moment the browser message pops up. But if a consumer gets three notices of infection and takes no action, their Internet access is cut off until the PC is repaired.

Reducing “bot” computers, spam and D-DOS attacks will reduce the amount of Internet bandwidth that is being consumed illegally, but Gates said Qwest is less interested in those kinds of economies than in providing a service that it believes is the first of its kind for consumers and small business users.

“The primary value point is keeping the Internet clean,” she said. “The more we can keep malicious software off the Internet, the better off the entire Internet will be.”