On another note I was wondering if webroot secure anywhere protects against ddos attacks?
Best answer by JimM
By default, Webroot is set to scan with a Deep Scan. A deep scan specifically targets only things that are running, and that definitely or probably will run. While you may have had a dormant infection present on the system, it is not truly a threat unless it either is running or will be running in the future. An infection that isn't running is just some 1's and 0's on your hard drive that aren't really doing anything. A Full Scan would have found it if you had done one, but that's because it scans every last file on your computer instead of just the ones it makes sense to worry about. If the infection ever attempted to start up, the shields would have caught it regardless. Any attempt to run also would have had to have been user-initiated since the Deep Scan didn't find anything that would have triggered it otherwise.
For more on Deep Scans vs. Full Scans, take a look here.
You might ask at this point, what if it actually was running and Webroot didn't flag it as an infection? While that's unlikely, it's possible. New infections show up every day, and occasionally Webroot might not flag one as an infection right away because we are still analyzing the file. There is good news though. In the event that an infection shows up on your system that Webroot has not encountered before, SecureAnywhere will journal all activities of that file. It keeps a record of every action that file takes, and it can roll those changes back to the original state if it later finds out the file is a threat. So worst case scenario, it can still revert anything the infection has done anyway just as soon as it's globally flagged in the cloud as being an infection.
Now regarding DDos attacks, the answer is no. Here's why: A denial-of-service attack works by flooding a server with an excessive amount of data requests, which makes the server unable or incredibly slow to respond to legitimate requests. That isn't an infection, and it requires no malicious code to be run on the device being attacked. It's a method to stop a server from functioning properly, but it's an entirely external threat that operates based on creating excessive traffic. It's usually used to bring down websites. The best analogy I can come up with off the top of my head is that a security system for your car works great for protecting your car from being broken into or stolen, but it can't do anything about backed up traffic on the freeway or a group of other cars surrounding your own car and not letting it go anywhere.
It is probably worth pointing out though that there are some pretty solid hardware methods of mitigating DDos attacks out there. Webroot recently partnered with one such provider, Corero. If protection against DDos attacks is something you're looking for, you could check over there.