RomelSan/Eject USB Units.md

## Eject USB Units.md

      
    Raw
  

              Eject USB Units.md
            
          
    Eject USB Units

Find the culprit that prevents ejection of Flash Drives or any other unit.
CMD

wevtutil qe System /q:"*[System[(EventID=225)]]" /c:5 /f:text /rd:true

qe System : query events from System log

/q : query with XPath

EventID=225 means the system refused an ejection request

/c:5 : number of entries to retrieve (5 here)

/f:text : format (default is xml)

/rd:true : reverse order (newest first)
To use as a windows shortcut

Create a shortcut pointing C:\Windows\System32\cmd.exe
"C:\Windows\System32\cmd.exe" /k wevtutil qe System /q:"*[System[(EventID=225)]]" /c:5 /f:text /rd:true

Shortcut for Windows Terminal

wt -p "Command Prompt" C:\Windows\System32\cmd.exe /k wevtutil qe System /q:"*[System[(EventID=225)]]" /c:5 /f:text /rd:true

Powershell

Get-EventLog -LogName System -after (Get-Date).AddHours(-1) | Where-Object {$_.EventID -eq 225} | Sort-Object TimeGenerated | Format-Table -Wrap
To use as a windows shortcut

To use as a windows shortcut then add this to the new shortcut:
powershell -NoExit "Get-EventLog -LogName System -after (Get-Date).AddHours(-1) | Where-Object {$_.EventID -eq 225} | Sort-Object TimeGenerated | Format-Table -Wrap"
Shortcut for Windows Terminal

wt -p "Windows PowerShell" powershell -NoExit "Get-EventLog -LogName System -after (Get-Date).AddHours(-1) | Where-Object {$_.EventID -eq 225} | Sort-Object TimeGenerated | Format-Table -Wrap"

Ico

Add a custom ico, for example use the same ico as Windows Terminal.
https://github.com/microsoft/terminal/blob/main/res/terminal.ico
Author

Romel Vera
Copyright

Attribution-ShareAlike 4.0 International

CC BY-SA 4.0

https://creativecommons.org/licenses/by-sa/4.0/