I have a client who has had two separate credit cards compromised in the last week. Same user, same computer, different secure websites, and two totally different cards. I have run malware and AV scans on the machine, verified the web browser was fully patched and didn't have any extensions installed, verified Gateway AV IPS and App Control was enabled on the Sonicwall. We looked for rogue APs and came back clean. Both cards were used within an hour of being used for online transactions and the cards were entered in to the web browser manually, not saved. I am running out of ideas on where to look or what to even look for. Any help would be appreciated.