I have, and have had the setting Common Standard Protection:Prevent common programs from running files from the Temp folder set (to warn mode) as long as I can remember. I hadn't really paid attention to this before, but it generates a TON of messages. It would appear any time you use iexplore.exe on a computer and it writes temp files it takes that as an event and logs it. Since I only have it in warn mode anyway, is there a good reason to keep this enabled since it woudl appear that the vast majority of items on this are legitimate?
This setting is created by default and I only use it to check sometimes if amount of this event grows or not. I don't think a lot of people cheks it so you can disable warning if you want as the rule is not set to block