Last year I have seen a lot of DDOS attacks aimed to website of news or independent communities. These websites were attacked by a botnet built from unknown virus (which wasn’t detected by any antivirus at that time). Some professionals found some variants of this virus but the websites were still heavily attacked.
Some of professional users are willing to help to find more variants of this virus. They would like to check if computers of their families are members of this botnet. However using a sniffer then running through forest of packet to identify which processes are flooding the websites, is too complicated for them.