What’s the best free antivirus? I have an answer that may surprise you. I also have a supplement that may surprise you. And I have a third supplement you already have but probably never heard of.

Keep something in mind. I don’t like using words like “good” and “best” in the same sentence as antivirus software. Imagine a college graduating class whose valedictorian is Chris Farley’s character from the movie Tommy Boy. What you want from your antivirus software is something that doesn’t do a lot of damage.

The worst thing antivirus software can do is try to do too much. There’s a name for problems in antivirus software. Professional hackers call it the “confused deputy” problem. Confuse the deputy, and you can get it to use its power for evil instead of good. The best way to avoid the confused deputy is to keep the deputy simple.

If you’re running Windows 7, I recommend Microsoft Security Essentials. If you’re running Windows 10, I recommend the built-in Windows Defender. (Note that Windows Defender on Windows 7 isn’t an antivirus program.)

Now let’s talk about supplementing your antivirus. It’s possible to run a second antivirus program as strictly a scanner. I no longer recommend this practice. Many people believe a second antivirus program will catch things the first one will miss. It can, but in my experience, something that gets past one antivirus program will probably get by 75% of them. So you don’t gain much by running just one.

The other day a former coworker reminded me of a great trick: Process Explorer. It’s also free.

Instead of running a second antivirus solution, I recommend installing Process Explorer. Run it, then navigate to Options and click on Virustotal.com. This enables Process Explorer to submit your running programs to Virustotal.com, which will scan those processes with more than 50 antivirus engines. A process detected by none of them is probably not worth worrying about. What about one? Potentially malicious. A process detected by more than one is almost certainly malicious. Emerging malware may only be detected by a few. I’ve caught malware samples that 16 or fewer of 54 detected.

And the nice thing about running Process Explorer is that if you submit your running processes, it improves your other antivirus software. Google shares Virustotal data with all of the AV vendors.

Yes, Process Explorer is a rare instance of Microsoft and Google working together.

You can click Options and select Replace Task Manager. It’s up to you if you want to do that. Under Windows 7, I certainly would. Windows 7 still has the Task Manager from the mid 1990s. Windows 10’s Task Manager has some network functionality that Process Explorer doesn’t, so I’m torn when it comes to replacing Windows 10 Task Manager with Process Explorer.

But if your system is acting strange at all, fire up Process Explorer and see if anything suspicious is running. It gives you all of the benefit of running 54 antivirus programs, without the problems.

If you want yet another layer of defense, here’s a nifty trick with the Malicious Software Removal Tool. It’s a little more protection, with nothing more to download.

That’s all you need for the best free antivirus protection. This trio will outperform most paid solutions, and annoy you a lot less. To give them a little extra help, change your DNS to Cleanbrowsing.org’s servers.