I am trying to build an open source wallet which will use your fingerprint to encrypt the wallet.dat file, along with password and 2FA encryption; that will be one of the solutions.
I don't understand what threat model this is protecting against; can you please elaborate? If your OS is compromised with malware that can steal your encrypted wallet and your password, can't it just as easily steal your plaintext wallet after you decrypt it? Although hardware keyloggers that sit between the keyboard and the computer do exist, this requires an attacker to have physical access to your machine, and in that case you're basically screwed anyway.
Other than that, your current best option is to get a Windows copy from Microsoft and do a brand new offline installation of Windows.
A fresh install of MS Windows is certainly more secure than an OEM install that is potentially compromised with crapware such as Superfish. But Windows itself still has a huge attack surface. Personally, I'd recommend a smaller, security-focused OS such as FreeBSD.
Don't use ISO files from the internet; they can be modified quite easily.
Most ISOs have signed hashes that you can verify after downloading (e.g., https://www.freebsd.org/releases/11.1R/CHECKSUM.SHA256-FreeBSD-11.1-RELEASE-amd64.asc). Of course, this requires you to trust the public key that was used to sign the hash, but the chain of trust must be rooted somewhere.
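As an added example (not part of the original posts), this is the digest-check step that follows signature verification of a clearsigned, BSD-style checksum file like the one linked above. It reads digests only from the region the signature covers, so lines added outside it are ignored. The file name `example-disc1.iso`, the `SAMPLE` text and the function names are constructed for illustration, and the signature itself must first be verified with OpenPGP tooling (for example `gpg --verify`) against a key you trust.

```python
import hashlib
import hmac
import re

# BSD-style digest line: "SHA256 (file name) = <64 hex digits>"
LINE_RE = re.compile(r"^SHA256 \((?P<name>[^)]+)\) = (?P<hex>[0-9a-f]{64})$")

# Constructed sample: placeholder signature, plus an unsigned line appended after it.
SAMPLE = """-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

SHA256 (example-disc1.iso) = ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad
-----BEGIN PGP SIGNATURE-----

constructed-placeholder-not-a-real-signature
-----END PGP SIGNATURE-----
SHA256 (example-disc1.iso) = e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
"""

def signed_body(clearsigned):
    """Return only the lines that the clearsign signature covers."""
    lines = clearsigned.splitlines()
    try:
        start = lines.index("-----BEGIN PGP SIGNED MESSAGE-----")
        body = lines.index("", start) + 1  # skip armor headers such as "Hash:"
        end = lines.index("-----BEGIN PGP SIGNATURE-----", body)
    except ValueError:
        raise ValueError("not a clearsigned message") from None
    # Undo dash-escaping: signed lines starting with "-" are stored as "- -...".
    return [l[2:] if l.startswith("- ") else l for l in lines[body:end]]

def expected_digests(clearsigned):
    """Map file name -> SHA-256 hex digest, from the signed region only."""
    matches = (LINE_RE.match(l.strip()) for l in signed_body(clearsigned))
    return {m["name"]: m["hex"] for m in matches if m}

def iso_matches(path, name, clearsigned):
    """Hash the file at `path` and compare with the signed digest for `name`."""
    expected = expected_digests(clearsigned).get(name)
    if expected is None:
        return False
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return hmac.compare_digest(h.hexdigest(), expected)
```

A parser that scanned the whole file would also pick up the unsigned trailing line in the sample, which is why the digest lookup is restricted to the signed region.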