Not true, it does get written before it gets scanned. In fact, it doesn't even always scan before the file is read by explorer (yes, it's the worst AV ever). It's easy to prove this, just extract FFF's WinRAR keygen and you'll see what I mean.
The theoretical security part is what got me "huh π€¨" as well... like "ok, but all of this is planned... or in the works... or it should work... when does the "it does work" part kick in π€¨".
But I have seen a female wolf raise a fox IRL (I have a cottage in a small village in the mountains). They are prey to each other (not really, but if there is nothing else to eat, wolves will hunt and kill a fox as well), but I saw the mother with the fox and the rest of her siblings, she made no distinction raising her biological children and the fox. I gave them food sometimes and I saw her raise them in real time. I'm still amazed by that gesture... and we think of them as animals while us that kill for no reason at all are "civilized"... at least they kill for food...
My point was, MS has backwards compatibility all the way down to an OS that has no sense of users and permissions and that is why Windows, even nowadays, has these problems. If you get rid of the DOS legacy stuff, you can have decent user permission and security in place, but too much shit relies on legacy code, so they keep it.
Yeah, but get this! It's not enough to just envoke cmd in Windows with just Win+R (sorry, sorry... Super+R π), even though you're invoking it from an admin account, no sir, it's still just a plain user as long as cmd is concerned π.
And this is what you get when you wanna do backwards compatibility all the way down to DOS π.
Hm... OK will check π.