Why can't I change the total number of log entries by directly editing the EVT file in memory?

Modifying the file header or end-of-file record in memory—such as altering the Last record number—does not affect the count returned by GetNumberOfEventLogRecords. The article verified this by using ProcessHacker to change the header values and then querying the count via a test program; the number remained unchanged. The Event Log service maintains the count independently, so handle manipulation can delete content but not alter the log count.