I think for the purposes of your lab work, the Google docs thing isn't a bad idea, if it works for you.  It's simply a matter of what tool YOU prefer to work with.  For me, it depends on what OS I'm using, with what tools.  With Windows, I often use Textpad (if it's my own machine, and not a 'borrowed one.'  With Linux, it varies, with anything from vi to gedit, to any number of tools. 

Also, depends on what, exactly, you're documenting...  If you're just doing text, then any of the above, and many others, will suffice.  If you're documenting using grapics (screenshots) and / or video capture, then you may use other tools.  I use many different tools in any given pentest, depending on the scope, the deliverable I want to hand over at the conclusion, and what makes the most sense for the tools and testing I'm using.

It's really a matter of preference, IMHO.

Not really so 'confusing' if you think and understand the reasoning and purposes behind it.  Using Virtualbox, or VMWare, or any other virtualization platform, to setup hosts to use for malware testing is a very valuable tool.  I typically use VMWare (my hypervisor of choice) or Xen, myself.  With VMWare I can create a base image of XP, for instance, then snapshot that, and continue to patch or add products, etc, then snapshot at each point.  That way, if I need to revert to an OS version for testing, etc, it's simply a matter of restoring the snapshot, and doing my testing, then reverting back to another snapshot when I'm done.  Saves TONS of time and duplication of effort.

Using these VM's, also, to test malware, can help you prevent other issues you might encounter, if you were to test against live machines.  You can put your VM guest OS into host only mode, or otherwise isolate it from any network segments, so that said malware cannot spread to other machines outside of the VM, or wreak havoc on your local network.  You can then analyze it in a sandboxed environment, and really see what it's trying to do, with minimized risk.

I even use my VM's to do demonstrations and presentations to other groups and customers, to show them what I've found in testing their environments, etc, using a 'lab' that I can fully control, without further risking their environment.  Customers tend to like it when I can show their upper mgmt what they have been running into, or COULD potentially run into, without having to risk their environment to do so.

Granted, it might take you a little bit to get comfortable with using VM's and guests, but in the long run, I think you'll find it a MAJOR time saver, a very useful testing platform, and an overall great tool.

I agree with awesec, here.

Also, of note, is that if you use VMWare, the newer versions have screen capture / video capability, so as you're testing or doing some work, you can have VMWare record your actions, so that A.) you can use that for documentation / presentation work, and B.) if you don't understand what you're seeing, or if the testing doesn't make sense to you, you could submit the recording to the 'collective' (read EH-Net or other security pro's) to get their input on what you may or may not be doing wrong, or to enlighten you on what's actually happening, etc.

It's just an overall handy way to do testing and POC (proof of concept.)

VMware Player, VMware Server, as well as VMware ESXi are free.

Yep, you certainly can.  You can have a host-only, NATed, or a Bridged network.   The host-only is obviously self-contained.   The NATed and Bridged options will be able to go "outside."   There has been talk of techniques to breach the host-only security.   I am not sure how successful they are at this point.   You can always just remove the virtual Ethernet adapter in VmWare. 

It comes down to what you are most familiar and comfortable with.   ESXi is a pretty cool product, because it is a bare-metal hypervisor.   I ran into some hardware compatibility issues with it though.   

Personally, I think that you will find more support from VmWare due to the popularity of their products.