When doing customer support on Broadband one of the things I used to check when people reported slow connections was the traffic. We were always told that we should only check things like line quality and similar stuff but I often saw a lot more going out than coming in.
Bearing in mind you'd usually expect domestic customers to be downloading all sorts of stuff rather than sending out, combined with the likelyhood of a lack of adequate protection and the habit of clicking on anything I reckoned it was a fair chance they were busy spamming away merrily without knowing.
But, being on the wholesale side, all I could do was send a note to the ISP with a vague suggestion that one of thier customers might, possibly, by chance, etc. etc. have an unwanted guest.
It was pretty common to see but apparently not a real issue that belonged to any party but the customer - and it's their machine. And most people haven't a clue, relying on the security that came with the machine but was never paid for to keep updating.
This morning I spent a while cleaning up someone elses laptop - it had more infections than after a week in Ibeza. They'd got a 'spyware remover' they couldn't remove, it was just the beginning . . .