clamAV is a free and open-source antivirus program, currently maintained and developed by "Cisco-Talos" company. It is widely used in servers, and can be a great tool for scanning your system for malware.
the command that "clamav" program uses to run scans is "clamscan", as will now be shown below.
install the program:
sudo pacman -S clamav
update clamav's virus signature database:
sudo freshclam
scan you desired area in the system and save results into a log file:
clamscan -i -r --bell --log=<scan_output_filename>.txt <target_scan_area>
change the <scan_output_filename> and <target_scan_area> according to your scan.
explanation of command options:
-i : makes command output only infected files during scan (otherwise it would output "OK" line for every file scanned and spam the terminal screen).
-r : recursive, ie, makes the command go through files inside directories instead of skipping them.
--bell : the command will produce a sound if it detects an infected file (or a false positive)
--log=<scan_output_filename>.txt : produces a file in current location, that will contain the results of the scan. you can later go through this file and study the results.
if the program has detected infected files, go to each one and verify they are not false-positives. if indeed files are malicious, you can run the command again, but tell it to delete the infected files from the system using the --remove option:
clamscan -i -r --bell --log=<scan_output_filename>.txt --remove <target_scan_area>
the --remove option tells clamscan to delete whatever infected files it has found.