Google will give you a lot of hits on ntnut.exe. According to this site
"it's a memory-resident Trojan that adds several adult-related sites to the
favorites folder of the Web browser. It also adds a folder called
ADULT STORE, which contains its dropped sites or URLs, to the
In addition, it changes the home page of the Web browser into a
particular site. It also deletes specific files, such as NOTEPAD.COM
and SYSTIME.EXE, if they exist on a system.
An indication that the machine has been affected by this Trojan is the
presence of the following files in the Windows system folder:
NTNUT.EXE – an exact copy of itself
SHDOCPE.DLL - contains the .HTML file, which is the assigned home page
of the browser
It runs on Windows 95, 98, ME, NT, 2000, and XP."
Unless someone else posts otherwise, I suggest you post a Hijack This log in the BC Hijack This Forum where the experts can help you remove the problem. A BC Tutorial on posting Hijack This logs can be found here.