I opened up port 3389 on my router because I remote into my computer frequently when not at home. I checked network intrusions and noticed a source IP from Bulgaria was allowed on source port 3389 and dest. 3389. Could someone have possibly used remote desktop to get on my computer, scanned ports? The application was svchost.exe. Any assistance is appreciated.