Message	Id	Level	Task	Keywords	RecordId	ProviderName	ProviderId	LogName	ProcessId	ThreadId	MachineName	UserId	TimeCreated	ActivityId	ContainerLog	MatchedQueryIds	Bookmark	LevelDisplayName	OpcodeDisplayName	TaskDisplayName	KeywordsDisplayNames	Properties
DPAPI created Master key. GUID: {58771D15-CDAC-417D-AC94-4C16DDF6CBE6} User Storage Area: C:\windows\system32\Microsoft\Protect\S-1-5-18\User\	1	4	2	-9223372036854775806	8	Microsoft-Windows-Crypto-DPAPI	89fe8f40-cdce-464e-8217-15ef97d4c7c3	Microsoft-Windows-Crypto-DPAPI/Operational	828	872	WIN-5T344G8GM1H	S-1-5-18	10/29/2020 9:04:51 PM	0248b07f-ae37-0005-83b0-480237aed601	microsoft-windows-crypto-dpapi/operational	System.UInt32[]	System.Diagnostics.Eventing.Reader.EventBookmark	Information	Info	Master Key Operation	System.Collections.ObjectModel.ReadOnlyCollection`1[System.String]	System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
DPAPI created Master key. GUID: {BC69FCF1-8C56-4450-AAC6-CE47602DD16E} User Storage Area: C:\windows\system32\Microsoft\Protect\S-1-5-18\	1	4	2	-9223372036854775806	7	Microsoft-Windows-Crypto-DPAPI	89fe8f40-cdce-464e-8217-15ef97d4c7c3	Microsoft-Windows-Crypto-DPAPI/Operational	828	872	WIN-5T344G8GM1H	S-1-5-18	10/29/2020 9:04:51 PM	0248b07f-ae37-0005-83b0-480237aed601	microsoft-windows-crypto-dpapi/operational	System.UInt32[]	System.Diagnostics.Eventing.Reader.EventBookmark	Information	Info	Master Key Operation	System.Collections.ObjectModel.ReadOnlyCollection`1[System.String]	System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
DPAPI created Master key. GUID: {83AE8B35-3F16-414C-BB1B-3B0177EBD033} User Storage Area: C:\windows\system32\Microsoft\Protect\S-1-5-18\	1	4	2	-9223372036854775806	6	Microsoft-Windows-Crypto-DPAPI	89fe8f40-cdce-464e-8217-15ef97d4c7c3	Microsoft-Windows-Crypto-DPAPI/Operational	828	916	WIN-5T344G8GM1H	S-1-5-18	10/29/2020 9:04:18 PM	0248b07f-ae37-0005-83b0-480237aed601	microsoft-windows-crypto-dpapi/operational	System.UInt32[]	System.Diagnostics.Eventing.Reader.EventBookmark	Information	Info	Master Key Operation	System.Collections.ObjectModel.ReadOnlyCollection`1[System.String]	System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
DPAPI created Master key. GUID: {C7198921-60F0-4D6D-9A49-A14367A7A880} User Storage Area: C:\Users\Administrator\AppData\Roaming\Microsoft\Protect\S-1-5-21-416071247-492812682-1642729393-500\	1	4	2	-9223372036854775806	5	Microsoft-Windows-Crypto-DPAPI	89fe8f40-cdce-464e-8217-15ef97d4c7c3	Microsoft-Windows-Crypto-DPAPI/Operational	640	680	WIN-5T344G8GM1H	S-1-5-18	1/16/2018 5:02:22 PM	a4626349-8ea8-0000-df63-62a4a88ed301	microsoft-windows-crypto-dpapi/operational	System.UInt32[]	System.Diagnostics.Eventing.Reader.EventBookmark	Information	Info	Master Key Operation	System.Collections.ObjectModel.ReadOnlyCollection`1[System.String]	System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
DPAPI created Master key. GUID: {D3ECD52C-2D44-4F3C-8C05-9CCDC4E9B585} User Storage Area: C:\windows\system32\Microsoft\Protect\S-1-5-18\User\	1	4	2	-9223372036854775806	4	Microsoft-Windows-Crypto-DPAPI	89fe8f40-cdce-464e-8217-15ef97d4c7c3	Microsoft-Windows-Crypto-DPAPI/Operational	656	744	WIN-PD8DQPRRTAO	S-1-5-18	1/16/2018 5:01:29 PM	60e27e42-8f3f-0003-7a7e-e2603f8fd301	microsoft-windows-crypto-dpapi/operational	System.UInt32[]	System.Diagnostics.Eventing.Reader.EventBookmark	Information	Info	Master Key Operation	System.Collections.ObjectModel.ReadOnlyCollection`1[System.String]	System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
DPAPI created Master key. GUID: {1D7DC317-5487-4EE6-8BF8-0102D0030E5B} User Storage Area: C:\windows\system32\Microsoft\Protect\S-1-5-18\	1	4	2	-9223372036854775806	3	Microsoft-Windows-Crypto-DPAPI	89fe8f40-cdce-464e-8217-15ef97d4c7c3	Microsoft-Windows-Crypto-DPAPI/Operational	656	744	WIN-PD8DQPRRTAO	S-1-5-18	1/16/2018 5:01:29 PM	60e27e42-8f3f-0003-7a7e-e2603f8fd301	microsoft-windows-crypto-dpapi/operational	System.UInt32[]	System.Diagnostics.Eventing.Reader.EventBookmark	Information	Info	Master Key Operation	System.Collections.ObjectModel.ReadOnlyCollection`1[System.String]	System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
DPAPI created Master key. GUID: {CB844988-F947-47BF-A007-354E50218147} User Storage Area: C:\windows\system32\Microsoft\Protect\S-1-5-18\	1	4	2	-9223372036854775806	2	Microsoft-Windows-Crypto-DPAPI	89fe8f40-cdce-464e-8217-15ef97d4c7c3	Microsoft-Windows-Crypto-DPAPI/Operational	656	748	WIN-PD8DQPRRTAO	S-1-5-18	1/17/2018 3:01:05 AM	60e27e42-8f3f-0003-7a7e-e2603f8fd301	microsoft-windows-crypto-dpapi/operational	System.UInt32[]	System.Diagnostics.Eventing.Reader.EventBookmark	Information	Info	Master Key Operation	System.Collections.ObjectModel.ReadOnlyCollection`1[System.String]	System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
DPAPI created Master key. GUID: {1F2DBBD5-4949-4E62-8FD1-B624A8CE2C1B} User Storage Area: C:\windows\system32\Microsoft\Protect\S-1-5-18\User\	1	4	2	-9223372036854775806	1	Microsoft-Windows-Crypto-DPAPI	89fe8f40-cdce-464e-8217-15ef97d4c7c3	Microsoft-Windows-Crypto-DPAPI/Operational	656	716	WIN-PD8DQPRRTAO	S-1-5-18	1/17/2018 3:01:05 AM		microsoft-windows-crypto-dpapi/operational	System.UInt32[]	System.Diagnostics.Eventing.Reader.EventBookmark	Information	Info	Master Key Operation	System.Collections.ObjectModel.ReadOnlyCollection`1[System.String]	System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]