If I type my credit card into a secure checkout page while running corrupted network monitoring software, am I still safe from the Russian B

Depends on what 'corrupted' is in your case. If the application has been modified and it (or whatever malware it was packaged with) is logging keys, they don't need to decrypt anything, they have your data in plain text. If the site is making a secure connection with a valid certificate you should be fine. They would need the certificate key to decrypt the data if it's only obtaining it from sniffing the wire after being sent.

"I have networking monitoring software installed on my computer

If suspect software is installed on your client machine, you have already lost. It could, for example, copy an RBN Certifying Authority into your user's list of web browser trusted CAs, allowing them to spoof any HTTPS site. Or it could log keypresses, or take pictures of the screen, quite independently of any functionality related to LittleSnitch.

HTTPS protects against man-in-the-middle attacks: if your man-in-the-middle is suspect software on your router or gateway, HTTPS is secure. However it does not and cannot protect against the HTTPS-using client machine itself being compromised."