I have registered the log and added the source through the registry.
(HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\<Log>\<Source>)
When registering, the system creates evt file for the events and set up the whole log parameters.
However I don't know how could I unregister specific source or the whole Log. I can of course delete the keys in the registry and it will dissappear from the system event viewer however the file *.evt is still blocked by the svchost and I would like to also delete this file.
How would I completely stop such a log?
From MSDN:
DeregisterEventSource Closes a write handle to the specified event log.
ClearEventLog Clears the specified event log, and optionally saves the current copy of the log to a backup file.