Botnets aside, we only have large mining farms as we can have lots of small ASICS in the same place. It wouldn't work with whole PCs.
You can. GPU farms are pretty big and CPUs are pretty small. It wouldn't be hard to customize them and upsize it to become a whole farm. It all depends on the motivations behind it but it is definitely possible and would be done without ASICs anyways.
How do botnets get their work into the system? Are they their own pools? Do they just feed into legitimate pools? Can't we blacklist them somehow?
So if we're CPU mining or even GPU mining, they're profitable. You cannot blacklist or exclude anyone from the network; the nature of Bitcoin makes it extremely hard to single out miners actually. The reason why we know who mined the blocks is because mining pools put identifiable information within their mining pool.