I made a post over at WindowsBBS for help with this problem, and I was recommended to post here too. The post and full details are at http://www.windowsbbs.com/showthread.php?p=228795#post228795. To summarise, when I try to open any file (even local files) on my XP machine, SVCHOST.EXE sometimes makes requests on Port 80 to the NT machine on my LAN. Both machines are equipped with Sygate, so the copy of Sygate on the NT machine rejects the unsolicited request. Meanwhile back on the XP machine, I have to twiddle my thumbs for ten seconds whilst the request times out. Alternatively, I can run netstat -oa to get the PID of the instance of SVCHOST.EXE causing the problem. Using sysinternal's Process Explorer I can see this is loaded by SERVICES.EXE, so nothing suspect there. However, it would appear that it has loaded some dodgy-looking services - WebClient, UPnP discovery, and RemoteRegistry (which sounds from the description like something I need to remove completely from my system). Scans with AVG and AdAware have revealed nothing. Following the advice on another post on this forum, I've run AutoStart Viewer on the XP machine, but I don't know what's OK and what's suspect in the output. It's rather long, so I wont post it unless someone asks (you may know the answer without seeing it). Can anyone help me please?