This is a bad idea.
1) This would teach users that when they are redirected to a page that offers malware cleaners and antivirus choices, they should download and install one. Most such pages are frauds, and the user won't understand the difference between the ISP sending them to the page and a banner ad or phishing email sending them to a similar-looking page,
2) Given the way that ISPs are actually run, encouraging ISPs to detect malware will lead to ISPs just detecting and banning all sorts of unusual activity. The ISP has probably not heard of a user running Linux, for instance, and would not care if all Linux users were detected as false positives or disconnected for refusing to run Windows virus scanners on their Linux boxes. And it's unlikely that the ISP has staff who would understand a Linux user's explanation of how his box is not actually running any malware.
3) If this was put into practice on a large scale, I would expect that shortly, the MPAA or similar groups would try to tell the ISPs that all torrenting is dangerous, malware-prone activity and should result in cutoffs.