If Malwarebytes does not detect a file as a threat, yes it will pass over it during the scan. That fact would apply to any anti-malware scanner or anti-virus which did not detect a threat.
However, when compared to other security tools like Spybot S&D and Ad-Aware, the advantage of Malwarebytes Anti-Malware
(MBAM) is that it uses a proprietary low level driver
similar to some anti-rootkit (ARK) scanners to locate hidden files and special techniques
which enable it to detect a wide spectrum of threats including active rootkits. IMO it has proven more effective than many of the stand-alone ARK tools which are available. MBAM intentionally does not search for and remove cookies which pose no significant threat
. The research team investigates new rogue applications and malicious files so the database is usually updated several times a day in an aggressive effort to keep it current. Scanning is performed quickly while other tools can take hours.
Malwarebytes Anti-Malware is designed to remove malware as effectively with a Quick Scan as it will with a Full Scan which takes much longer to complete. Both scans use heuristics
that bypasses polymorphic blackhat packers & encryption, MD5
, check memory (loaded .exes and .dlls), unique strings, autostart load points and hotspots (everywhere current malware is known to load from) and multiple other malware checks which are not discussed in public to safeguard the program from malware writers.
- A Quick Scan looks at the most prevalent places for active malware so scanning every single file on the drive isn't always necessary.
- A Full Scan only has the ability to catch more traces in rare circumstances but it can be used to scan every drive (including removable) on the system.
- A Flash Scan will analyze memory and autorun objects but that option is only available to licensed users in the paid version.
The above information about how the program works is general rather than specific. The reason for this is that the developers of MABM do not want to reveal all the special techniques
utilized in order to protect the integrity of the tool from malware writers who would use that information for nefarious purposes.