At the time I was in school, most people just used the computer labs. Very few folks had their own PCs.

I always tend to be somewhat skeptical of the numbers they report in things like this. The key, I think, is the "some form" caveat, since "malware" can include anything from a tracking cookie to a trojan that actively looks for financial records, depending on what expert you ask.

Lately I've been getting a lot of pop-ups served from various websites for bogus security programs. You've probably seen them – full-page scare-ware screens with a lot of red text warning you that your computer is under attack and you REALLYNEEDTODOWNLOADOURSUPEREFFECTIVEPROTECTIONPROGRAM NOW!!!! They've become almost as common as Russian comment spam…

I had a friend in college who had a separate, much cheaper computer for porn so that any viruses and spyware wouldn't wreck his computer.

I think the thing that was newsworthy here wasn't that such things exist but that the percentage was surprisingly high. 20% having malware of some form is 3 or 4 times as high as I would have guessed and probably an order of magnitude higher than many people who are a) not pessimist and b) not very computer savvy would have guessed.