Thank you for posting here.
According to your description, I understand that:
You have a concern about the outbound port 137 traffic in the SBS domain.
If I have misunderstood the problem, please don't hesitate to let me know.
The UDP 137 is related to the NetBIOS Over TCP/IP name service. Please try
to verify the source program that use this port with the following steps:
1. On the SBS server command prompt, type "netstat -anob"
The -b parameter will help to display the executable involved in creating
each connection or listening port.
2. Find out the program that use the UDP 137. If it is the [System], please
try to check whether the netbios over TCP/IP is disabled on the NIC that is
connected to the Internet (If the SBS server is the 2 NICs scenario).
a) Click Start, point to Settings, and then click Network and Dial-up
b) Right-click Local Area Connection, and then click Properties.
c) Click Internet Protocol (TCP/IP), and then click Properties.
d) Click Advanced.
e) Click the WINS tab, and then click Disable NetBIOS over TCP/IP.
204279 Direct hosting of SMB over TCP/IP
What Is Computer Browser Service?
NetBIOS Over TCP/IP
On the virus issue, I would also like to suggest that you call Microsoft PC
Safety telephone number, 1-866-727-2338 (1-866-PCSAFETY). This service
offers no-charge assistance for virus-related issues or questions.
Also, you can check Microsoft Security and Privacy Web site at:
This Web site offers various articles, updates, tips and tricks, and
resources to protect both home and business computers from virus infection
Hope it helps. If you have any questions or concerns, please do not
hesitate to let me know.
Microsoft Online Partner Support
Microsoft Global Technical Support Center
Get Secure! - www.microsoft.com/security
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
This posting is provided "AS IS" with no warranties, and confers no rights.