# Everything History

## Overview

**Evidence:** Everything History\
**Description:** Collect Everything Run History\
**Category:** Applications\
**Platform:** windows\
**Short Name:** evryh\
**Is Parsed:** No\
**Sent to Investigation Hub:** No\
**Collect File(s):** Yes

## Background

Everything is a popular file search tool that maintains a history of executed files and applications in Run History.csv. This file tracks programs launched through Everything's interface.

## Data Collected

This collector gathers structured data about everything history.

## Collection Method

This collector gathers the Run History.csv file from Everything's application data directories containing execution history.

## Forensic Value

Everything run history reveals programs executed, file paths accessed, and search queries. This helps identify tools used, files accessed, and can reveal execution of malicious tools or scripts.