There's really no way (in Windows) to protect anything
against an Admin account, since, by definition, an admin has the ability to change any setting, take ownership of any file, and even edit the memory of other processes.
There's a Windows group policy setting (HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ProxySettingsPerUser) which is a DWORD that, when set to 0, forces all users' WinINET proxy settings to use the "computer-wide" proxy settings that are only configurable by an administrator. So you can set that setting, configure the computer wide proxy settings to point at 127.0.0.1:8888 and then all users will use the shared proxy setting. By default, that means all browsers will go through that shared proxy.
However, as far as I know, neither Chrome nor Firefox respects that setting, so that unlike IE's settings (which are locked by group policy), a user of those browsers can simply change the proxy settings to whatever they like (including null) to bypass your filter.
You could do some crazy things (e.g. use a wifi router that requires a given header on all outbound traffic, and then have your FiddlerCore app add that secret header, such that bypassing the proxy causes the traffic to fail) but these are all pretty complicated.
Do you want to have your say when we set our development plans?
Do you want to know when a feature you care about is added or when a bug fixed?
Telerik Feedback Portal
and vote to affect the priority of the items