Network analysis tools are used by many major network providers including the one I work in. It is generally a good practice. These tools look for patterns from various common worms and virus. After hearing that Telus is aggressively monitoring their network and cutting you off, I find Telus a better ISP. I highly doubt anyone reported you.
A sample output of such monitoring tool. As you can see, your IP and timestamp is recording. Telus just has to look up who was using this IP and that time. Voila, it points to you.
| Inc # | description | address | timestamp in UTC | s-prt | dest-addr |
+-------+-------------+---------------+----------------------+-------+-------------+
| G6O | Mebroot | xxx.xxx.xxx.xxx | 2011-06-11T00:52:22Z | 1203 | 91.19.31.15 |
| G6O | Mebroot | xxx.xxx.xxx.xxx | 2011-06-11T00:42:14Z | 1200 | 91.19.31.15 |
| G6O | Mebroot | xxx.xxx.xxx.xxx | 2011-06-11T00:21:56Z | 1167 | 91.19.31.15 |
| G6O | Mebroot | xxx.xxx.xxx.xxx | 2011-06-11T00:15:32Z | 1060 | 91.19.31.15 |
+-------+-------------+---------------+----------------------+-------+-------------+
Good security is safety over convenience, not the other way around.
