First, my setup
Windows 7 Home Premium
use the built-in firewall
UAC on max
in Windows' wireless network settings for public networks, besides the default settings, I have 1)set to block all media streaming, and 2)turned off public file sharing. When I connect to a free wifi, I always set Windows to classify it as a "Public Network".
fully patched Windows, Office, Firefox, Flash Player, Java, etc, etc….everything
I always make 100% sure I connect to the expected wifi and not someone's fake-out data-stealing pirate wifi network.
Whenever I log into a site I care about, I always log in using https. All of my email accounts (gmail) use https. I really don't care if anyone sees my websurfing (forum posts, google searches, etc).
Regardless of whether or not my AV would detect and stop malware that actually did make it onto my computer, let me ask
q1) what are the chances of malware getting onto my computer from the lan/wifi? (not asking about malware coming from email, websites, flash drives, etc. Only asking about the possibility of getting something from the public lan/wifi)
Next, assuming no malware was placed on my computer from the lan/wifi, what (and how great) is the danger to
q2) my data on my computer (from being stolen or viewed)?
q3) the sensitive data I transmit using https being seen or stolen and unencrypted?
I'm asking for real world ("in the wild") dangers at any random free wifi like Starbuck's etc, but not about every possibility or about methods that require skills or equipment that are extremely unlikely to be encountered.
btw, I know there are further steps I could take for better security than the ones I mentioned above, however, for now, I need to get an accurate, but not overly paranoid, picture of where I stand with my current set up. I'm hopeful there are people here that can give me perspective.
formatting edit: I edited so that each question would have a unique number