Microsoft-Windows-Hyper-V-Integration-RDV
10 events across 3 channels
| Event | Title | Channel | Sample |
|---|---|---|---|
| 3584 | [VMID VmId] TraceData. | Microsoft-Windows-Hyper-V-Integration-Debug | N |
| 3584 | [VMID VmId] | Operational | N |
| 3585 | [VMID VmId] TraceData. | Microsoft-Windows-Hyper-V-Integration-Debug | N |
| 3585 | [VMID VmId] | Operational | N |
| 3586 | [VMID VmId] TraceData. | Microsoft-Windows-Hyper-V-Integration-Debug | N |
| 3586 | [VMID VmId] | Operational | N |
| 3587 | [VMID VmId] TraceData. | Microsoft-Windows-Hyper-V-Integration-Debug | N |
| 3587 | [VMID VmId] | Operational | N |
| 4000 | Hyper-V Rdv Transport Service failed to connect to virtual machine 'VmName' … | Microsoft-Windows-Hyper-V-Integration-Admin | N |
| 4000 | Hyper-V Rdv Transport Service failed to connect to virtual machine 'VmName' … | Operational | N |
Event ID 3584: [VMID VmId] TraceData.
#Event ID 3584: [VMID VmId]
#Fields #
| Name | Description |
|---|---|
TraceData UnicodeString | |
VmName UnicodeString | |
VmId UnicodeString | |
StackFrameCount UInt32 | |
StackFrame Pointer | |
ModuleCount UInt32 | |
Module Int32 |
Event ID 3585: [VMID VmId] TraceData.
#Event ID 3585: [VMID VmId]
#Fields #
| Name | Description |
|---|---|
TraceData UnicodeString | |
VmName UnicodeString | |
VmId UnicodeString | |
StackFrameCount UInt32 | |
StackFrame Pointer | |
ModuleCount UInt32 | |
Module Int32 |
Event ID 3586: [VMID VmId] TraceData.
#Event ID 3586: [VMID VmId]
#Fields #
| Name | Description |
|---|---|
TraceData UnicodeString | |
VmName UnicodeString | |
VmId UnicodeString | |
StackFrameCount UInt32 | |
StackFrame Pointer | |
ModuleCount UInt32 | |
Module Int32 |
Event ID 3587: [VMID VmId] TraceData.
#Event ID 3587: [VMID VmId]
#Fields #
| Name | Description |
|---|---|
TraceData UnicodeString | |
VmName UnicodeString | |
VmId UnicodeString | |
StackFrameCount UInt32 | |
StackFrame Pointer | |
ModuleCount UInt32 | |
Module Int32 |
Event ID 4000: Hyper-V Rdv Transport Service failed to connect to virtual machine 'VmName' because there is no mutually supported protocol for VM.
#Description
Hyper-V Rdv Transport Service failed to connect to virtual machine 'VmName' because there is no mutually supported protocol for VM: (Virtual machine ID VmId). Framework version: Param1; Message version: Param2.
Message #
Fields #
| Name | Description |
|---|---|
VmName UnicodeString | |
VmId UnicodeString | |
Param1 UnicodeString | |
Param2 UnicodeString | |
Param3 UnicodeString |
Event ID 4000: Hyper-V Rdv Transport Service failed to connect to virtual machine 'VmName' because there is no mutually supported protocol for VM: (Virtual machine ID VmId)
#Description
Hyper-V Rdv Transport Service failed to connect to virtual machine 'VmName' because there is no mutually supported protocol for VM: (Virtual machine ID VmId). Framework version: Param1; Message version: Param2.
Fields #
| Name | Description |
|---|---|
VmName UnicodeString | |
VmId UnicodeString | |
Param1 UnicodeString | |
Param2 UnicodeString | |
Param3 UnicodeString |
Provenance
Where this provider's schema came from, and which Windows build it was observed on. Windows can change a provider's event schema between builds, so use this to judge whether it matches the build you collect from.
ETW provider GUID fdff33ec-70aa-46d3-ba65-7210009fa2a7
Defined in vmicrdv.dll, which carries the event manifest.
Observed on:
- Win11-26200.6584, schema read from the registered manifest, binary version 10.0.26100.1, captured 2026-06-02