After a cumulative Win 10 update a couple of months ago, I noticed telemetry files showing up in the %LocalAppData%\Temp directory. I known these are telemetry files since I opened them up in a hex editor and the have the wording "telemetry" toward the end of the file along with some metering parm data and the like. The files always are always named URLxxxx.tmp where xxxx are random alpha and numeric characters. Using Eset HIPS for monitoring, I have traced file creators to be iexplore.exe - usually - and dllhost.exe DCOM -occasionally. What is strange is the files are never deleted by anything, so they are cluttering up the Temp directory. My take on this is MS is harvesting search history from IE11. The file sizes are not small being around 145K or so but sometimes the files contain zip i.e. 0K in size. Anyone else using IE11 on Win 10 notice like file creation activity?