Unable to access the registry

Solved/Closed
<yassou> Posts 589 Registration date Monday, December 17, 2007 Status Member Last seen June 6, 2015 - May 28, 2008 at 13:40
<yassou> Posts 589 Registration date Monday, December 17, 2007 Status Member Last seen June 6, 2015 - August 17, 2008 at 04:34
Hello,
my system has gone haywire, it is infected with viruses and I would like to fix these problems without having to format
please help me, I cannot access the registry, and I don't know how to write .reg files
I ran a scan with the Silent Runners script and here is the report it generated

"Silent Runners.vbs", revision 58, https://www.silentrunners.org/
Operating System: Windows XP SP2
Output limited to non-default values, except where indicated by "{++}"


Startup items buried in registry:
---------------------------------

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"CTFMON.EXE" = "C:\WINDOWS\system32\ctfmon.exe" [MS]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\ {++}
"USTHB-FATIHA" = ".vbe" [null data]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"SiSPower" = "Rundll32.exe SiSPower.dll,ModeAgent" [MS]
"SoundMan" = "SOUNDMAN.EXE" ["Realtek Semiconductor Corp."]
"IEXPLORER" = "C:\WINDOWS\system32\iexplorer.exe" [null data]
"AVP" = ""C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"" ["Kaspersky Lab"]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{11F09AFD-75AD-4E51-AB43-E09E9351CE16}\(Default) = "AdPopup"
-> {HKLM...CLSID} = "CAdLogic Object"
\InProcServer32\(Default) = "C:\Program Files\Fichiers communs\CPUSH\cpush.dll" [null data]
{1AB1F65A-964F-4AE7-B254-05146A0E602E}\(Default) = (no title provided)
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\Internet Explorer\PLUGINS\WinSys16.Sys" [null data]
{35694105-5108-9405-3695-954187462153}\(Default) = "mpwdcapi.dll"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\WINDOWS\system32\mpwdcapi.dll" [null data]
{385AB8C6-FB22-4D17-8834-064E2BA0A6F0}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Info cache"
\InProcServer32\(Default) = "C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll" ["********" (unwritable string)]
{4C8D1401-A58D-A81C-CD24-A5915C4517C4}\(Default) = "mnmhdsrv.dll"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\WINDOWS\system32\mnmhdsrv.dll" [null data]
{5B1AEF69-DDAE-FDAD-DCAB-698F026ABDB5}\(Default) = "oohxdbyt.dll"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\WINDOWS\system32\oohxdbyt.dll" [null data]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Extension Affichage Panorama du Panneau de configuration"
-> {HKLM...CLSID} = "Extension Affichage Panorama du Panneau de configuration"
\InProcServer32\(Default) = "deskpan.dll" [file not found]
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Extension icône HyperTerminal"
-> {HKLM...CLSID} = "HyperTerminal Icon Ext"
\InProcServer32\(Default) = "C:\WINDOWS\system32\hticons.dll" ["Hilgraeve, Inc."]
"{0006F045-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Custom Icon Handler"
-> {HKLM...CLSID} = "Outlook File Icon Extension"
\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\OLKFSTUB.DLL" [MS]
"{00020D75-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Desktop Icon Handler"
-> {HKLM...CLSID} = "Microsoft Office Outlook"
\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\MLSHEXT.DLL" [MS]
"{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\Office12\msohevi.dll" [MS]
"{993BE281-6695-4BA5-8A2A-7AACBFAAB69E}" = "Microsoft Office Metadata Handler"
-> {HKLM...CLSID} = "Microsoft Office Metadata Handler"
\InProcServer32\(Default) = "C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\msoshext.dll" [MS]
"{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97}" = "Microsoft Office Thumbnail Handler"
-> {HKLM...CLSID} = "Microsoft Office Thumbnail Handler"
\InProcServer32\(Default) = "C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\msoshext.dll" [MS]
"{85E0B171-04FA-11D1-B7DA-00A0C90348D6}" = "Web Anti-Virus statistics"
-> {HKLM...CLSID} = "Web Anti-Virus statistics"
\InProcServer32\(Default) = "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll" ["Kaspersky Lab"]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\
<<!>> "{4C8D1401-A58D-A81C-CD24-A5915C4517C4}" = "mnmhdsrv.dll"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\WINDOWS\system32\mnmhdsrv.dll" [null data]
<<!>> "{1AB1F65A-964F-4AE7-B254-05146A0E602E}" = (no title provided)
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\Internet Explorer\PLUGINS\WinSys16.Sys" [null data]
<<!>> "{262fc17d-bbdd-47b7-954a-2974733a58cd}" = "MMKAFNFW1086.dll"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\WINDOWS\system32\MMKAFNFW1086.dll" [null data]
<<!>> "{5B1AEF69-DDAE-FDAD-DCAB-698F026ABDB5}" = "oohxdbyt.dll"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\WINDOWS\system32\oohxdbyt.dll" [null data]
<<!>> "{35694105-5108-9405-3695-954187462153}" = "mpwdcapi.dll"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\WINDOWS\system32\mpwdcapi.dll" [null data]
<<!>> "{84143967-B645-4BFF-B873-DA1DC886E9A7}" = (no title provided)
-> {HKLM...CLSID} = "MICROSOFT"
\InProcServer32\(Default) = "C:\WINDOWS\system32\cedafb.dll" [null data]
<<!>> "{6E6CA8A1-81BC-4707-A54C-F4903DD70BAD}" = (no title provided)
-> {HKLM...CLSID} = "MICROSOFT"
\InProcServer32\(Default) = "C:\WINDOWS\system32\zgxfdx.dll" [null data]
<<!>> "{8C41B7F7-3168-400D-A702-0E7EFE0BA304}" = (no title provided)
-> {HKLM...CLSID} = "Microsoft"
\InProcServer32\(Default) = "C:\WINDOWS\system32\sgrefg.dll" [null data]

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
<<!>> klogon\DLLName = "C:\WINDOWS\system32\klogon.dll" ["Kaspersky Lab"]

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\
<<!>> 360rpt.EXE\Debugger = "C:\WINDOWS\system32\wuauc1t.exe" [null data]
<<!>> 360safe.EXE\Debugger = "C:\WINDOWS\system32\wuauc1t.exe" [null data]
<<!>> 360tray.EXE\Debugger = "C:\WINDOWS\system32\wuauc1t.exe" [null data]
<<!>> ANTIARP.exe\Debugger = "C:\WINDOWS\system32\wuauc1t.exe" [null data]
<<!>> Ast.EXE\Debugger = "C:\WINDOWS\system32\wuauc1t.exe" [null data]
<<!>> AutoRunKiller.exe\Debugger = "C:\WINDOWS\system32\wuauc1t.exe" [null data]
<<!>> AvMonitor.EXE\Debugger = "C:\WINDOWS\system32\wuauc1t.exe" [null data]
<<!>> AVP.EXE\Debugger = "C:\WINDOWS\system32\wuauc1t.exe" [null data]
<<!>> CCenter.EXE\Debugger = "C:\WINDOWS\system32\wuauc1t.exe" [null data]
<<!>> Frameworkservice.EXE\Debugger = "C:\WINDOWS\system32\wuauc1t.exe" [null data]
<<!>> IceSword.EXE\Debugger = "C:\WINDOWS\system32\wuauc1t.exe" [null data]
<<!>> Iparmor.EXE\Debugger = "C:\WINDOWS\system32\wuauc1t.exe" [null data]
<<!>> KASARP.exe\Debugger = "C:\WINDOWS\system32\wuauc1t.exe" [null data]
<<!>> KRegEx.EXE\Debugger = "C:\WINDOWS\system32\wuauc1t.exe" [null data]
<<!>> KVMonxp.kxp\Debugger = "C:\WINDOWS\system32\wuauc1t.exe" [null data]
<<!>> KVSrvXP.EXE\Debugger = "C:\WINDOWS\system32\wuauc1t.exe" [null data]
<<!>> KVWSC.EXE\Debugger = "C:\WINDOWS\system32\wuauc1t.exe" [null data]
<<!>> Mmsk.EXE\Debugger = "C:\WINDOWS\system32\wuauc1t.exe" [null data]
<<!>> Navapsvc.EXE\Debugger = "C:\WINDOWS\system32\wuauc1t.exe" [null data]
<<!>> Nod32kui.EXE\Debugger = "C:\WINDOWS\system32\wuauc1t.exe" [null data]
<<!>> QQDOCTOR.EXE\Debugger = "C:\WINDOWS\system32\wuauc1t.exe" [null data]
<<!>> Regedit.EXE\Debugger = "C:\WINDOWS\system32\wuauc1t.exe" [null data]
<<!>> VPC32.exe\Debugger = "C:\WINDOWS\system32\wuauc1t.exe" [null data]
<<!>> VPTRAY.exe\Debugger = "C:\WINDOWS\system32\wuauc1t.exe" [null data]
<<!>> WOPTILITIES.EXE\Debugger = "C:\WINDOWS\system32\wuauc1t.exe" [null data]
<<!>> Wuauclt.EXE\Debugger = "C:\WINDOWS\system32\wuauc1t.exe" [null data]

HKLM\SOFTWARE\Classes\PROTOCOLS\Filter\
<<!>> text/xml\CLSID = "{807563E5-5146-11D5-A672-00B0D022E945}"
-> {HKLM...CLSID} = "Microsoft Office InfoPath XML Mime Filter"
\InProcServer32\(Default) = "C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL" [MS]

HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\
Kaspersky Anti-Virus\(Default) = "{dd230880-495a-11d1-b064-008048ec2fc5}"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\shellex.dll" ["Kaspersky Lab"]

HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\
Kaspersky Anti-Virus\(Default) = "{dd230880-495a-11d1-b064-008048ec2fc5}"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\shellex.dll" ["Kaspersky Lab"]


Group Policies {GPedit.msc branch and setting}:
-----------------------------------------------

Note: detected settings may not have any effect.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\

"shutdownwithoutlogon" = (REG_DWORD) dword:0x00000001
{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|
Shutdown: Allow system to be shut down without having to log on}

"undockwithoutlogon" = (REG_DWORD) dword:0x00000001
{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|
Devices: Allow undock without having to log on}


Active Desktop and Wallpaper:
-----------------------------

Active Desktop may be disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

Displayed if Active Desktop enabled and wallpaper not set by Group Policy:
HKCU\Software\Microsoft\Internet Explorer\Desktop\General\
"Wallpaper" = "C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Wallpaper1.bmp"

Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
HKCU\Control Panel\Desktop\
"Wallpaper" = "C:\Documents and Settings\fatiha\Local Settings\Application Data\Microsoft\Wallpaper1.bmp"


Enabled Screen Saver:
---------------------

HKCU\Control Panel\Desktop\
"SCRNSAVE.EXE" = "C:\WINDOWS\System32\logon.scr" [MS]


Startup items in "fatiha" & "All Users" startup folders:
--------------------------------------------------------

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
"Utility Tray" -> shortcut to: "C:\WINDOWS\system32\sistray.exe" ["Silicon Integrated Systems Corporation"]


Enabled Scheduled Tasks:
------------------------

"At1" -> launches: ".vbe" [null data]


Winsock2 Service Provider DLLs:
-------------------------------

Namespace Service Providers

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]

Transport Service Providers

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
C:\WINDOWS\system32\ywg32.dll [null data], 01, 13
%SystemRoot%\system32\mswsock.dll [MS], 02 - 04, 07 - 12
%SystemRoot%\system32\rsvpsp.dll [MS], 05 - 06


Toolbars, Explorer Bars, Extensions:
------------------------------------

Explorer Bars

HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\

HKLM\SOFTWARE\Classes\CLSID\{85E0B171-04FA-11D1-B7DA-00A0C90348D6}\(Default) = "Web Anti-Virus statistics"
Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar]
InProcServer32\(Default) = "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll" ["Kaspersky Lab"]

HKLM\SOFTWARE\Classes\CLSID\{FF059E31-CC5A-4E2E-BF3B-96E929D65503}\(Default) = "&Rechercher"
Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar]
InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL" [MS]

Extensions (Tools menu items, main toolbar menu buttons)

HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\
{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E}\
"ButtonText" = "Web Anti-Virus statistics"

{92780B25-18CC-41C8-B9BE-3C9C571A8263}\
"ButtonText" = "Research"

{FB5F1910-F110-11D2-BB9E-00C04F795683}\
"ButtonText" = "Messenger"
"MenuText" = "Windows Messenger"
"Exec" = "C:\Program Files\Messenger\msmsgs.exe" [MS]


Miscellaneous IE Hijack Points
------------------------------

C:\WINDOWS\INF\IERESET.INF (used to "Reset Web Settings")

Added lines (compared with English-language version):
[Strings]: SAFESITE_VALUE="https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fhome.microsoft.com%2fintl%2ffr%2f%3f"

Missing lines (compared with English-language version):
[Strings]: 1 line


Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------

SQL Server (SQLEXPRESS), MSSQL$SQLEXPRESS, ""C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS" [MS]


---------- (launch time: 2002-05-28 12:25:26)
<<!>>: Suspicious data at a malware launch point.

+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ To search all directories of local fixed drives for DESKTOP.INI
DLL launch points, use the -supp parameter or answer "No" at the
first message box and "Yes" at the second message box.
---------- (total run time: 33 seconds, including 3 seconds for message boxes)
yasmine

1 reply

<yassou> Posts 589 Registration date Monday, December 17, 2007 Status Member Last seen June 6, 2015 75
August 17, 2008 at 04:34
my problem is solved and I no longer know exactly what I did, sorry
in any case I ran a scan with avast, an online scan, and a spyware search with spybot; it was surely one of them that fixed the problem, I did nothing else
the problem I was able to spot by reading the silentrunners report is here in any case:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\ {++}
"USTHB-FATIHA" = ".vbe" [null data]

maybe there are others
sorry for the lack of information, but I just discovered that I had left this post without setting the status to solved, since regedit now works correctly
-1