1) (Recent Files) in windows is created to give hackers a view of what you are doing, not for your use.
2) It is important to use your rubbish bin, but it is the second place I will look, clear all your rubbish all of the time.
3) A way a hacker attacks is using all your temp files, never leave it forever, always clear all these files, (temp), (%temp%), Software Distribution (Temp), Windows Update (Temp), and if possible if you know how to do it, Virtual memory, paging files, and what you allocate for virtual memory, there is currently no tools to do this.
4) The registry tells me all the history of every programs you install, and it is not encrypted, and it will always leave a residue.
5) In the browser there are so many other folders that are at risk like (History) (The sites you visit)(The files downloaded) and even your (password) and (Forms) that you fill. If possible, never fill in your credit card details here.
6) I purposely do not want to give the exact location or else hackers will have a field day, and everybody will get hacked. Those in the security industry already knows exactly what I am talking about.
7) The biggest issue there is no way to track all your programs running and background services, and if a code is run like java or others in your browser you do not know what the hell is going on, Task Manager only gives you a glimpse of your components but nothing else, it should be improved with the above.
8) All windows drivers are not secured, even if there is a way to rollback to the previous version, for me as a hacker I will have a field day to crash your components and cause havoc to your OS.
9) All kinds of spyware uses unallocated ports that are not secured and if possible protocols that is unknown to install screen shots, monitor text inputs and even access programs communication like Whatsapp which is encrypted. There is no way to secure this with today’s technology, and I do not know the exploit of the future where technology will prove all things are possible, because our old Internet is not secured.
10) One of the biggest risks is WiFi, without a new Algorithms based secret without keys, it can always be hacked and no way to secure it.
11) Even with database it is impossible to secure it with encryption, it is a matter of time someone exploits it, even for Bitcoin we are coming close with firepower to break crypto encryption methods.
12) For critical infrastructure like banks, hospitals, power grids, nuclear etc, my advice is kept it out of the internet and only allow 1 or 2 to access, and isolate it in a DMZ zone.