Granted, this is a ways off and there are many ethical questions and potential pitfalls, but I think this is a good idea to a certain degree. Any virus/trojan/worm/etc that is self-propagating or even the end-user actively sending out to infect others (such as mom forwarding on some infected chain letter) could be identified by the Cloud and cordoned off from the internet at large until the issue is cleared up. Less severe infections that have no immediate threat to others could simply be cleaned up without disconnecting. Of course, this whole theory is open to exploitation at several levels with current technology.
Basically this would involve a cloud a/v with access to a software firewall. When infections are detected, lock down the connection (except of course to the a/v servers to update definitions and clean the pc of infections. This could also be used to educate those that simply don't know better. Give a popup during the cleaning process with a message explaining what is going on and why, and how to avoid re-infection.
Alternately, each ISP could have it's own detection system, probably cloud based as well, and block traffic at their end (using DHCP to place the infected connection on an isolated subnet with limited access?) rather than using a client side firewall. I'm not sure of the legalities, but I'm sure there are some ISPs out there that reserve the right to disconnect customers to protect their other clients. At least this way the ISP would also be responsible for clearing the infection as well. Corporate customers would run into trouble with this though, as disconnecting an entire company would certainly have serious ramifications.
One of the many pitfalls, in addition to those already mentioned by others is that it could take a considerable amount of bandwidth to analyze traffic for suspicious behavior and trace it back to it's origin. Of course with all those people getting kicked off the internet, there would be bandwidth to spare.
In the mean time, as others have mentioned, the best defense is education. I all people should have to pass a competency similar to ecdl/icdl to be able to own/operate a computer, though that, again, would be difficult if not impossible to enforce.
Wow, I really rambled on there. Hope at least some of it made sense. As this concept is still more or less theoretical, I feel like I can ignore some of the more glaring problems for the time being.