Amcache is a database on Windows operating systems which has information on applications that have been run on a PC. This registry 'hive' will usually be located at C:\Windows\appcompat\Programs\Amcache.hve on Windows 10.

Eric Zimmerman has a collection of open source forensic tools which can be downloaded here. Amcache Parser will help you access the contents of the Amcache file. Unzip the executable file and open the command prompt in admin mode. Run this command which points to the hive registry and designates that a .csv file should be generated:

AmcacheParser.exe -f C:\Windows\appcompat\Programs\Amcache.hve –-csv c:\temp

In my test tonight, Amcache Parser created six .csv files.

Among other information these files show you when devices have been connected to a computer . . .

. . . and when applications have been run on a computer.