Today, the more network connections that a company has, the more likely that an outsider finds out a way to intrude the network. Use of remote access and wireless networks might deploy against the network. Organizations that use any one of these are twice as likely to have detected attempts to penetrate their network as those do not. One of the countermeasures that is taken to lessen security penetration, is the antivirus, which should be named a malware scanner as it can detect different malware including worms and Trojans, not only viruses. This study is evaluating of the efficiency of scanners and designs an empirical comparison between them. Installing a scanner on a PC means consuming computer resources, so measuring the impact on the machine performance was the 1st step, then exploring the scanner features including the free additional services was the 2nd step. The 3rd one was to move on and test how fast it scans the machine, including, a quick scan, and then the last onewas investigating how good it detects malicious samples. The interesting results have shown that there is a remarkable disparity between what scanners vendors claim and the real ability of the scanners.