If it's in RAM and can re-insert itself...
There's not necessarily any reason to assume that the malicious code has any persistence mechanism. In fact, all evidence of it could already be gone at this point, which is another reason that it's logically impossible for the OP to know whether malware is behind the rogue credit card charge.
Ah, yes, good point. Practically, though, even the super-sophisticated firmware code left some evidence lying around.
...If good scanners can't find them, because they're super-secret and cost millions to create...
My post was restricted to commenting on a pure logical claim and was not a discussion of any practical information. Your practical comments might be true but are tangential to the point I was making. That said, I am sceptical of your specific claims, such as that it would "cost millions to create" malicious code that isn't detected by an anti-virus program. Have you ever tried? I estimate it would take you a few hours to design your own malicious program that isn't picked up by an off-the-shelf anti-virus program. Even if you value your time at $1,000 per hour, that isn't approaching millions of dollars.
By the time any scanner is run, the definitions will have been updated. Unless we're talking about a first-day exploit/malware where the OP boots to an USB stick immediately, this won't be a problem. The "millions" of dollars obviously is in reference to the firmware malware developed by Equation.
Of course, if we're going to use extremely unlikely scenarios to prove a purely logical claim, we may as well toss out the "known clean" computer comparison, too. The drive itself could be infected at the manufacturer (see: routers from China). Or the "known clean" drive+mobo was physically removed, altered, and replaced by operatives. Etc., etc.
In other words, you're right -- it is logically impossible to determine if a computer has been infected.
For the world in which we live, and to answer the OP's question, you would boot off a USB stick.