Why are my browsers suddenly configured to use a proxy?

Fiddler could be the cause. I debug my Silverlight application calls via Fiddler and have realised that launching Fiddler does automatically check the "Use a proxy server for LAN" checkbox. Uncheck the box and do not re-launch Fiddler, and all is well (though at times Fiddler does not track the traffic from that browser instance).


I have had this happen a couple of times in the last month or two and I have seen or heard of it happening to co-workers recently. In all of these cases it was due to malware. You may want to run a second tool in addition to Malwarebytes. The two times it happened to me, none of my tools detected the problem. I ran MSConfig and there was a new process set to run during the startup.

You could also use Process Explorer from MS to see the location of all running processes:

http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx

You will need to go to View->Select Columns and make sure Image Path is selected in order to see the location of each running process. Anything running from temporary locations would be suspicious. I usually sort the view by image path...makes it quicker to see problem locations. Any suspicious files could be uploaded to VirusTotal.com.


When the malware installs, it plants a proxy program on your system, then configures Firefox to use the proxy 127.0.0.1 (localhost) on some weird port (this is of course the port on which the proxy program is taking requests). When you google something, your request goes through the proxy program and then to the internet. The proxy program searches your request and then sometimes returns relevant ads when you click the link. Some malware proxies are also commanded to block anti-malware searches and websites. I had a doozy once, so I went to the Malwarebytes site, but it wouldn't go through. Anyway... that's how it works. After the malware is removed, the server refuses connections, so you will just need to configure it to use 'no proxy'.

Malwarebytes ftw!
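The checks described in the answers above can be combined into one script. This is an added example, not code from any of the posters: it reads the current user's "Use a proxy server for LAN" setting from the registry and, if it points at the local machine, reports which process is listening on that port and whether its image path is under a temporary directory. It assumes Windows 8 or later (for `Get-NetTCPConnection`), and a Firefox proxy that was set manually inside Firefox is stored in the Firefox profile instead and is not read here.

```powershell
# Added example: inspect the per-user LAN proxy setting and the local listener behind it.
$key = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'
$cfg = Get-ItemProperty -Path $key

Write-Host "ProxyEnable   : $($cfg.ProxyEnable)"
Write-Host "ProxyServer   : $($cfg.ProxyServer)"
Write-Host "AutoConfigURL : $($cfg.AutoConfigURL)"

if ($cfg.ProxyEnable -eq 1 -and $cfg.ProxyServer) {
    # ProxyServer is either "host:port" or "http=host:port;https=host:port;..."
    $endpoints = $cfg.ProxyServer -split ';' |
        ForEach-Object { ($_ -split '=')[-1].Trim() } |
        Sort-Object -Unique

    # Directories where a legitimately installed proxy would not normally live.
    $tempRoots = @($env:TEMP, "$env:LOCALAPPDATA\Temp", "$env:windir\Temp")

    foreach ($ep in $endpoints) {
        if ($ep -notmatch '^(127\.0\.0\.1|localhost):(\d+)$') {
            Write-Host "Proxy $ep is not a loopback address; no local process to look up."
            continue
        }
        $port = [int]$Matches[2]
        $listeners = Get-NetTCPConnection -State Listen -LocalPort $port -ErrorAction SilentlyContinue
        if (-not $listeners) {
            # Stale setting: the proxy program is gone (removed malware, or Fiddler closed).
            Write-Host "Nothing is listening on port $port; the proxy setting is stale."
            continue
        }
        foreach ($pid_ in ($listeners.OwningProcess | Sort-Object -Unique)) {
            $proc = Get-Process -Id $pid_ -ErrorAction SilentlyContinue
            $path = $proc.Path   # may be empty without elevation
            $inTemp = $false
            foreach ($root in $tempRoots) {
                if ($path -and $path.StartsWith($root, [StringComparison]::OrdinalIgnoreCase)) {
                    $inTemp = $true
                }
            }
            [pscustomobject]@{
                Port         = $port
                ProcessId    = $pid_
                Name         = $proc.ProcessName
                ImagePath    = $path
                RunsFromTemp = $inTemp
            }
        }
    }
} else {
    Write-Host 'No manual proxy is enabled for this user.'
}
```

Run it from an elevated prompt so the image path is available for processes owned by other accounts.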
