Url re-direct, weird and slow internet, setting change?

start::
CreateRestorePoint:
EmptyTemp:
CloseProcesses:
GroupPolicy\User: Restriction ? <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
HKLM-x32\...\RunOnce: [360safeuninst_1f0fb7c2d13cc0c07ff2ca40747bc03e] => C:\Users\Me\AppData\Local\Temp\1f0fb7c2d13cc0c07ff2ca40747bc03e_remove360.bat [632 2023-09-13] () [File not signed] <==== ATTENTION
HKLM\...\Policies\Explorer: [HideSCAMeetNow] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [EnableActivityFeed] 0
HKLM\Software\Policies\...\system: [PublishUserActivities] 0
HKLM\Software\Policies\...\system: [UploadUserActivities] 0
HKLM\Software\Policies\...\system: [AllowClipboardHistory] 0
HKLM\Software\Policies\...\system: [AllowCrossDeviceClipboard] 0
HKU\S-1-5-21-2118630591-2447159386-1078315589-1001\...\Policies\Explorer: [HideSCAMeetNow] 1
HKU\S-1-5-21-2118630591-2447159386-1078315589-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 24.201.245.77 24.200.243.189
Tcpip\..\Interfaces\{89540600-8c74-4bea-8001-fe67aced12ae}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{b695eff4-2933-4378-9d47-fadb9fa53d0d}: [DhcpNameServer] 192.168.0.1 24.201.245.77 24.200.243.189
Tcpip\..\Interfaces\{cd30e077-5e47-4959-8372-424c099b15b4}: [DhcpNameServer] 192.168.0.1 24.201.245.77 24.200.243.189
Tcpip\..\Interfaces\{fce0ef15-df65-4d77-bcea-6776fd0d7f1e}: [DhcpNameServer] 192.168.0.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
S3 BraveElevationService; "C:\Program Files\BraveSoftware\Brave-Browser\Application\116.1.57.64\elevation_service.exe" [X]
S4 QHActiveDefense; "C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe" [X]
S4 QHProtected; "C:\Program Files (x86)\360\Total Security\safemon\WscReg.exe" [X]
S4 uhssvc; "C:\Program Files\Microsoft Update Health Tools\uhssvc.exe" [X]
C:\Program Files (x86)\360
R3 360AvFlt; C:\Windows\SysWOW64\DRIVERS\360AvFlt.sys [110800 2023-03-15] (Beijing Qihu Technology Co., Ltd. -> 360.cn)
R3 360netmon; C:\Windows\System32\DRIVERS\360netmon.sys [96424 2023-03-15] (Qihoo 360 Software (Beijing) Company Limited -> 360.cn)
C:\Windows\SysWOW64\DRIVERS\360AvFlt.sys
C:\Windows\System32\DRIVERS\360netmon.sys
R3 360Box64; system32\DRIVERS\360Box64.sys [X]
S1 epp; \??\C:\Users\Me\Desktop\Downloads\Malware Removal\bin64\epp.sys [X]
C:\Windows\Tasks\360Disabled
2023-09-13 10:22 - 2023-09-13 11:31 - 000000000 ____D C:\Users\Me\AppData\Roaming\360DesktopLite
2023-09-13 10:22 - 2023-09-13 10:22 - 094499560 _____ C:\Users\Me\Desktop\360TS_Setup.exe
2023-09-13 10:22 - 2023-09-13 10:22 - 000000000 ____D C:\Program Files (x86)\360
2023-09-13 10:22 - 2023-03-15 01:02 - 000540416 _____ (360.cn) C:\Windows\system32\Drivers\360FsFlt.sys.685
2023-09-13 10:22 - 2023-03-15 01:02 - 000360664 _____ (360.cn) C:\Windows\system32\Drivers\360Box64.sys.816
2023-09-13 10:22 - 2023-03-15 01:02 - 000238304 _____ (360.cn) C:\Windows\system32\Drivers\BAPIDRV64.SYS.upd
2023-09-13 10:22 - 2023-03-15 01:02 - 000110800 _____ (360.cn) C:\Windows\SysWOW64\Drivers\360AvFlt.sys
2023-09-13 10:22 - 2023-03-15 01:02 - 000110800 _____ (360.cn) C:\Windows\system32\Drivers\360AvFlt.sys.000
2023-09-13 10:22 - 2023-03-15 01:02 - 000096424 ____N (360.cn) C:\Windows\system32\Drivers\360netmon.sys
C:\ProgramData\Norton
C:\ProgramData\Emsisoft
CustomCLSID: HKU\S-1-5-21-2118630591-2447159386-1078315589-1001_Classes\CLSID\{4e6f7264-5650-4e00-0000-000000000000}\localserver32 -> "C:\Program Files\NordVPN\NordVPN.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-2118630591-2447159386-1078315589-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Me\AppData\Local\Microsoft\OneDrive\19.043.0304.0013\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2118630591-2447159386-1078315589-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Me\AppData\Local\Microsoft\OneDrive\19.043.0304.0013\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2118630591-2447159386-1078315589-1001_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\localserver32 -> C:\Users\Me\AppData\Local\Microsoft\OneDrive\19.043.0304.0013\FileCoAuth.exe => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
CustomCLSID: HKU\S-1-5-21-2118630591-2447159386-1078315589-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Me\AppData\Local\Microsoft\OneDrive\19.043.0304.0013\amd64\FileSyncShell64.dll => No File
C:\WINDOWS\system32\drivers\etc\hosts
C:\WINDOWS\system32\drivers\etc\hosts.ics
Hosts:
CMD: del /f /s /q %windir%\prefetch\*.*
CMD: del /s /q C:\Windows\SoftwareDistribution\download\*.*
CMD: del /s /q "%userprofile%\AppData\Local\Google\Chrome\User Data\Default\Cache\*.*"
cmd: del /s /q "%userprofile%\AppData\Local\Microsoft\Edge\User Data\Default\Cache\*.*"
cmd: del /s /q "%userprofile%\AppData\Local\Opera Software\Opera Stable\Cache\Cache_Data\*.*"
CMD: del /s /q "%userprofile%\AppData\Local\temp\*.*"
Cmd: NETSH winsock reset catalog
Cmd: NETSH int ipv4 reset reset.log
Cmd: NETSH int ipv6 reset reset.log
Cmd: ipconfig /release
Cmd: ipconfig /renew
Cmd: ipconfig /flushdns
Cmd: ipconfig /registerdns
Cmd: bitsadmin /list /allusers
Cmd: bitsadmin /reset /allusers
Cmd: Winmgmt /salvagerepository
Cmd: Winmgmt /resetrepository
Cmd: Winmgmt /resyncperf
C:\Windows\Temp\*.*
C:\WINDOWS\system32\*.tmp
C:\WINDOWS\syswow64\*.tmp
emptytemp:
Reboot:
End::