The Application module records the name and information on processes opened and closed on the target device.
Evidence lists all the applications used by the target in chronological order.