My ISP has sent me a second notice that they see port scanning traffic coming from my public IP. I have a static address, so I am sure it is my traffic. They say that it is UDP traffic, but that is about all I have to go on. I enabled logging for all UDP traffic from the LAN to WAN in my router. I see several computer flooding traffic to public IPs using UDP on port 137 and 138.
I have ran all Windows updates and ran virus scans and haven't come up with anything. I have run netstat -p udp 1 to try to see any UDP traffic from one of the offending computers, but it never turns up anything.