Message	Id	Level	Task	Keywords	RecordId	ProviderName	ProviderId	LogName	ProcessId	ThreadId	MachineName	UserId	TimeCreated	ActivityId	ContainerLog	MatchedQueryIds	Bookmark	LevelDisplayName	OpcodeDisplayName	TaskDisplayName	KeywordsDisplayNames	Properties
DPAPI created Master key. GUID: {75379CBF-1BF4-48BE-B082-826896CB6798} User Storage Area: C:\windows\system32\Microsoft\Protect\S-1-5-18\User\	1	4	2	-9223372036854775806	8	Microsoft-Windows-Crypto-DPAPI	89fe8f40-cdce-464e-8217-15ef97d4c7c3	Microsoft-Windows-Crypto-DPAPI/Operational	824	896	WIN-5T344G8GM1H	S-1-5-18	8/6/2021 11:52:05 AM	5fa37d14-8ab9-0005-1a7d-a35fb98ad701	microsoft-windows-crypto-dpapi/operational	System.UInt32[]	System.Diagnostics.Eventing.Reader.EventBookmark	Information	Info	Master Key Operation	System.Collections.ObjectModel.ReadOnlyCollection`1[System.String]	System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
DPAPI created Master key. GUID: {B4A8ECB5-6074-45E0-BCB5-C595E801A56E} User Storage Area: C:\windows\system32\Microsoft\Protect\S-1-5-18\	1	4	2	-9223372036854775806	7	Microsoft-Windows-Crypto-DPAPI	89fe8f40-cdce-464e-8217-15ef97d4c7c3	Microsoft-Windows-Crypto-DPAPI/Operational	824	896	WIN-5T344G8GM1H	S-1-5-18	8/6/2021 11:52:05 AM	5fa37d14-8ab9-0005-1a7d-a35fb98ad701	microsoft-windows-crypto-dpapi/operational	System.UInt32[]	System.Diagnostics.Eventing.Reader.EventBookmark	Information	Info	Master Key Operation	System.Collections.ObjectModel.ReadOnlyCollection`1[System.String]	System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
DPAPI created Master key. GUID: {576F0431-4EBF-47B0-A2C0-4501C59823BD} User Storage Area: C:\windows\system32\Microsoft\Protect\S-1-5-18\	1	4	2	-9223372036854775806	6	Microsoft-Windows-Crypto-DPAPI	89fe8f40-cdce-464e-8217-15ef97d4c7c3	Microsoft-Windows-Crypto-DPAPI/Operational	824	860	WIN-5T344G8GM1H	S-1-5-18	8/6/2021 11:51:44 AM	5fa37d14-8ab9-0005-1a7d-a35fb98ad701	microsoft-windows-crypto-dpapi/operational	System.UInt32[]	System.Diagnostics.Eventing.Reader.EventBookmark	Information	Info	Master Key Operation	System.Collections.ObjectModel.ReadOnlyCollection`1[System.String]	System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
DPAPI created Master key. GUID: {C7198921-60F0-4D6D-9A49-A14367A7A880} User Storage Area: C:\Users\Administrator\AppData\Roaming\Microsoft\Protect\S-1-5-21-416071247-492812682-1642729393-500\	1	4	2	-9223372036854775806	5	Microsoft-Windows-Crypto-DPAPI	89fe8f40-cdce-464e-8217-15ef97d4c7c3	Microsoft-Windows-Crypto-DPAPI/Operational	640	680	WIN-5T344G8GM1H	S-1-5-18	1/16/2018 5:02:22 PM	a4626349-8ea8-0000-df63-62a4a88ed301	microsoft-windows-crypto-dpapi/operational	System.UInt32[]	System.Diagnostics.Eventing.Reader.EventBookmark	Information	Info	Master Key Operation	System.Collections.ObjectModel.ReadOnlyCollection`1[System.String]	System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
DPAPI created Master key. GUID: {D3ECD52C-2D44-4F3C-8C05-9CCDC4E9B585} User Storage Area: C:\windows\system32\Microsoft\Protect\S-1-5-18\User\	1	4	2	-9223372036854775806	4	Microsoft-Windows-Crypto-DPAPI	89fe8f40-cdce-464e-8217-15ef97d4c7c3	Microsoft-Windows-Crypto-DPAPI/Operational	656	744	WIN-PD8DQPRRTAO	S-1-5-18	1/16/2018 5:01:29 PM	60e27e42-8f3f-0003-7a7e-e2603f8fd301	microsoft-windows-crypto-dpapi/operational	System.UInt32[]	System.Diagnostics.Eventing.Reader.EventBookmark	Information	Info	Master Key Operation	System.Collections.ObjectModel.ReadOnlyCollection`1[System.String]	System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
DPAPI created Master key. GUID: {1D7DC317-5487-4EE6-8BF8-0102D0030E5B} User Storage Area: C:\windows\system32\Microsoft\Protect\S-1-5-18\	1	4	2	-9223372036854775806	3	Microsoft-Windows-Crypto-DPAPI	89fe8f40-cdce-464e-8217-15ef97d4c7c3	Microsoft-Windows-Crypto-DPAPI/Operational	656	744	WIN-PD8DQPRRTAO	S-1-5-18	1/16/2018 5:01:29 PM	60e27e42-8f3f-0003-7a7e-e2603f8fd301	microsoft-windows-crypto-dpapi/operational	System.UInt32[]	System.Diagnostics.Eventing.Reader.EventBookmark	Information	Info	Master Key Operation	System.Collections.ObjectModel.ReadOnlyCollection`1[System.String]	System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
DPAPI created Master key. GUID: {CB844988-F947-47BF-A007-354E50218147} User Storage Area: C:\windows\system32\Microsoft\Protect\S-1-5-18\	1	4	2	-9223372036854775806	2	Microsoft-Windows-Crypto-DPAPI	89fe8f40-cdce-464e-8217-15ef97d4c7c3	Microsoft-Windows-Crypto-DPAPI/Operational	656	748	WIN-PD8DQPRRTAO	S-1-5-18	1/17/2018 3:01:05 AM	60e27e42-8f3f-0003-7a7e-e2603f8fd301	microsoft-windows-crypto-dpapi/operational	System.UInt32[]	System.Diagnostics.Eventing.Reader.EventBookmark	Information	Info	Master Key Operation	System.Collections.ObjectModel.ReadOnlyCollection`1[System.String]	System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]
DPAPI created Master key. GUID: {1F2DBBD5-4949-4E62-8FD1-B624A8CE2C1B} User Storage Area: C:\windows\system32\Microsoft\Protect\S-1-5-18\User\	1	4	2	-9223372036854775806	1	Microsoft-Windows-Crypto-DPAPI	89fe8f40-cdce-464e-8217-15ef97d4c7c3	Microsoft-Windows-Crypto-DPAPI/Operational	656	716	WIN-PD8DQPRRTAO	S-1-5-18	1/17/2018 3:01:05 AM		microsoft-windows-crypto-dpapi/operational	System.UInt32[]	System.Diagnostics.Eventing.Reader.EventBookmark	Information	Info	Master Key Operation	System.Collections.ObjectModel.ReadOnlyCollection`1[System.String]	System.Collections.Generic.List`1[System.Diagnostics.Eventing.Reader.EventProperty]