Ok Howard_Hopkinso, here's my HJT.
I hope I did it right, there's a first time for everything...
That log is so clean,it could be Howard`s !!!!!
Now I'm not sure if being clean is a good or a bad thing. If there was a problem, I could have removed it and (hopefully) not had any more problems. Now I still don't know the culprit.
It seems that many of the processes in the system32 folder could be potential problems(i.e. there are problems named the same thing that exist), but likely they are not.
Oh, and the site that compromised my card goes by "ipayfriendfinder.com," which sounds suspicious just by the name, especially the "i pay" part. I've never been to their site though(and probably don't ever want to do so), so I don't know what's up.
In the link though, the person subscribed to their "service" but couldn't unsubscribe. I never have subscribed at all. Maybe they're good hackers?
In any case they sound less than trustworthy.
Just to be sure ... you don't have any dubious houseguests or occasionally "bad" kids that could get their hands on your c. card while you were, say, in the shower, cutting the lawn, etc.? ...
I haven't had any guests who used the internet lately, and I really doubt that my parents would have done anything like that. Interesting theory though, suppose it's possible, but not very likely.
If someone would have done something like you suggest, I'd think I'd be able to look in my browser history/cookies/cache and find the site listed, but I can't. I doubt anyone I know would know how to remove those items either.
As Peddant says, your HJT log is clean.
So, you problem is deffinitely not caused by anything nasty.