Shimcache

Description: The Windows Application Compatibility Database is used by Windows to identify possible application compatibility challenges with executables. It tracks each executable's file name, file size, and last modified time.

Location:

  • C:\Windows\System32\Config\SYSTEM
    • SYSTEM\CurrentControlSet\Control\Session Manager\AppCompatCache

Notes: Any executable run on the Windows system could be found in this key. You can use this key to identify the systems on which specific malware was executed. In addition, depending on how the time-based data is interpreted, you might be able to determine the last time of execution or activity on the system.

  • Windows 7 contains at most 1,024 entries
  • LastUpdateTime does not exist on Windows 7 systems
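
The host sweep described in the notes, as an added example (not part of the original page): it grades each host for a target executable using the tracked fields and treats a Windows 7 cache that has reached its 1,024-entry cap as inconclusive rather than clean. The `ShimEntry` record shape, the `sweep` function, the verdict labels and all sample hosts, paths and timestamps are hypothetical and constructed; the entries are assumed to have been parsed from the SYSTEM hive already by a separate tool.

```python
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime
from ntpath import basename
from typing import Optional

WIN7_MAX_ENTRIES = 1024  # per-host cap on Windows 7, as stated in the notes

@dataclass(frozen=True)
class ShimEntry:  # hypothetical record shape for already-parsed entries
    host: str
    os: str
    path: str
    last_modified: datetime
    size: Optional[int] = None  # None when the parser reported no size

def sweep(entries, name, last_modified=None, size=None):
    """Group entries by host and grade each host for the target executable."""
    by_host = defaultdict(list)
    for e in entries:
        by_host[e.host].append(e)
    report = {}
    for host, rows in by_host.items():
        # Windows paths are case-insensitive, so compare lower-cased file names.
        named = [e for e in rows if basename(e.path).lower() == name.lower()]
        exact = [e for e in named
                 if (last_modified is None or e.last_modified == last_modified)
                 and (size is None or e.size is None or e.size == size)]
        full = rows[0].os == "Windows 7" and len(rows) >= WIN7_MAX_ENTRIES
        if exact:
            verdict = "match"
        elif named:
            verdict = "name-only"     # same file name, different metadata
        elif full:
            verdict = "inconclusive"  # cache at its cap; older entries may be gone
        else:
            verdict = "not-found"
        report[host] = {"verdict": verdict, "paths": sorted({e.path for e in named})}
    return report

def sample_entries():
    """Constructed sample data, not taken from any real system."""
    bad = datetime(2015, 3, 2, 11, 4, 9)
    old = datetime(2010, 11, 20, 9, 0, 0)
    rows = [ShimEntry("WS01", "Windows 7", r"C:\Users\Public\svch0st.exe", bad, 73216),
            ShimEntry("WS01", "Windows 7", r"C:\Windows\System32\cmd.exe", old),
            ShimEntry("WS02", "Windows 7", r"C:\Temp\SVCH0ST.EXE", datetime(2014, 1, 1), 1024),
            ShimEntry("WS04", "Windows 7", r"C:\Windows\explorer.exe", old)]
    rows += [ShimEntry("WS03", "Windows 7", rf"C:\Apps\tool{i}.exe", datetime(2012, 1, 1))
             for i in range(WIN7_MAX_ENTRIES)]
    return rows, bad
```

A "name-only" host deserves a closer look before being counted as a hit, since a different binary can share the file name.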

Analysis:
Coming Soon!