After all that experimentation, it was the antivirus after all (one of the first things I turned off to no effect because I'm not sure how the "web intelligence" bit is attached to the main part of the program).
Josh guessed "something" between the http and the transport layers and this makes sense as the "web intelligence" scans incoming file attachments and I think may also be checking websites for malicious scripts (which would probably never get executed because I use NoScript, unless it got injected by a website I use frequently that didn't have it before).
Skype is clear (for now, though I'm kind of looking forward to dumping it).
Oh, what happened? Well the Activity Monitor showed that a process called "SophosWebIntelligence" was maxing out one of cpu cores, so I force quit it. This seemed to cause another process called "soagent" to stop responding, so I killed that too. Both processes respawned with the former at a much more normal cpu usage of not much, and teh interwebz went back to normal.
Waiting to see if it happens again and if it does, if the same fix works. And if it does, Sophos might need a reinstall.