Eject USB

Roof Fiddler,

I've seen this happening on XP too every now and then, so there's nothing
new in this behavior on Vista. Two ways I usually troubleshoot/workaround
this issue: configuring drive for quick removal and tracking down offending
process.

1. To configure drive for quick removal, Open Device Manager; expand "Disk
drives" node; double click drive in question; on the Policies tab make sure
"Optimize for quick removal" radio-button is checked. This will slow down
file operations on the drive but will allow you to remove it at any moment
without even using (sometimes failing) "Safe Removal" function.

2. Two usual suspects that can keep your USB drive busy are System Restore
and Indexing. I'd check their settings to see if your system configured to
either create restore points for this drive or to index its contents for
instant search. Also, I'd find out exact instance of svchost that has
handles open to this drive and which services are running under this
instance. I use Sysinternals' handle.exe and built-in tasklist.exe
command-line utilities for this. First, you run

handle DRIVE:

to get PIDs of processes that have handles open on the drive. Then you can
run

tasklist /SVC /FI "PID eq PROCESS_ID"

where PROCESS_ID is the PID you've got from handle. If it's svchost that has
handles open, you'll get the list of services that run under this instance
of svchost.

To get friendly names of services, you can use sc.exe built-in utility:

sc qc SERVICE_NAME | find /i "DISPLAY_NAME"

where SERVICE_NAME is the name you've got from taskilst output.



Example:
======================8<========================
C:\>handle H:\

Handle v3.2
Copyright (C) 1997-2006 Mark Russinovich
Sysinternals - www.sysinternals.com

System pid: 4 1C8:
H:\$Extend\$RmMetadata\$TxfLog\$TxfLogContainer00...
System pid: 4 270:
H:\$Extend\$RmMetadata\$TxfLog\$TxfLog.blf
System pid: 4 27C:
H:\$Extend\$RmMetadata\$TxfLog\$TxfLogContainer00...
System pid: 4 288: H:\$Extend\$RmMetadata\$Txf
System pid: 4 368: H:\System Volume
Information\{3808876b-c176-4e48-b7...
System pid: 4 36C: H:\System Volume
Information\{477ccf48-a888-11db-b5...
svchost.exe pid: 1148 5BC: H:\$Extend\$ObjId
svchost.exe pid: 1148 5C4: H:\System Volume Information\tracking.log

C:\>tasklist /SVC /FI "PID eq 1148"

Image Name PID Services
=============== ========= =======================================
svchost.exe 1148 AudioEndpointBuilder, CscService,
EMDMgmt,
hidserv, Netman,
PcaSvc, SysMain,
TabletInputService,
TrkWks, UmRdpService,
UxSms,
WdiSystemHost, WPDBusEnum, wudfsvc

C:\>sc qc AudioEndpointBuilder | find "DISPLAY_NAME"
DISPLAY_NAME : Windows Audio Endpoint Builder

C:\>sc qc CscService | find "DISPLAY_NAME"
DISPLAY_NAME : Offline Files

C:\>sc qc EMDMgmt | find "DISPLAY_NAME"
DISPLAY_NAME : ReadyBoost

C:\bin>
======================8<========================

Hope this helps,

--
Alexander Suhovey