diff --git a/Encapsulationdb.sql b/Encapsulationdb.sql
new file mode 100644
index 0000000..3da07fe
--- /dev/null
+++ b/Encapsulationdb.sql
@@ -0,0 +1,22 @@
+/* C:\Windows\appcompat\encapsulation\Encapsulation.db */
+
+Select
+ProgramFileHistory.ProgramFileId as 'ProgramFileId',
+ProgramFileHistory.ProgramId,
+ProgramFileHistory.FileId,
+ProgramFileHistory.ExeName,
+ProgramFileHistory.FirstSeen,
+ProgramFileHistory.LastSeen,
+ProgramFileHistoryDetail.CreatedDate,
+ProgramFileHistoryDetail.SessionRegistryEventCount,
+ProgramFileHistory.TotalRegistryEventCount,
+ProgramFileHistoryDetail.RegistryCacheHit,
+ProgramFileHistoryDetail.SessionFileEventCount,
+ProgramFileHistory.TotalFileEventCount,
+ProgramFileHistoryDetail.FileCacheHit,
+ProgramFileHistory.LastProcessId,
+ProgramFileHistory.DisableLogging
+
+from ProgramFileHistory
+join ProgramFileHistoryDetail on ProgramFileHistory.ProgramFileId = ProgramFileHistoryDetail.ProgramFileId
+Order by ProgramFileId desc
\ No newline at end of file
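Review bot: The inner `join` on ProgramFileHistoryDetail drops every ProgramFileHistory row that has no matching detail row, so an executable recorded in the history table without session detail would be absent from the output instead of appearing with empty detail columns. For a triage query `left join ProgramFileHistoryDetail on ProgramFileHistory.ProgramFileId = ProgramFileHistoryDetail.ProgramFileId` is the safer choice. The closing `Order by ProgramFileId desc` appears to resolve only through the single-quoted alias on the first column, which standard SQL reads as a string literal; writing `as ProgramFileId` and `order by ProgramFileHistory.ProgramFileId desc, ProgramFileHistoryDetail.CreatedDate desc` is unambiguous and, if the detail table holds several rows per program file (the Session* columns suggest it may), gives those rows a stable order. The header comment could also state that the path is where the database is collected from and that the query is meant to be run on a copy, not on the live file.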