How to perform antivirus scan on AWS S3

Posted 2020-02-28 05:04

Question:

I have a web application where users upload files; the web server saves them to S3 and later processes them without copying them to the local server.
Now my question is: how can I perform a virus scan on files stored in S3 before processing them?
The requirement is to use well-established antivirus applications.

Update: 10/April/2018
To date there is no professional antivirus system that can scan an S3 bucket directly. We ended up installing antivirus on our Windows/Linux box and creating a flow where we first copy files to a temporary folder and then copy them back to S3 once the scan is done.

Answer 1:

I would try to establish a workflow with Lambdas. Upon S3 upload, automatically trigger a Lambda which copies the file to a /tmp/ folder somewhere (assuming it fits), virus scan it, and then if it passes the virus scan, re-upload into a separate bucket/folder in S3.



Answer 2:

You could use the VirusTotal service. Or you could use an open-source solution.



Answer 3:

There are quite a few ways to do this but they would all involve copying the content out of S3 temporarily so it can be analyzed - ideally this would happen in-region to save you some transfer costs.

Here's an example of doing exactly that using a couple of Lambda functions (packaged for 1-click deployment): https://github.com/uvasoftware/scanii-lambda

It uses our service (https://scanii.com) for analysis, but you can trivially replace that part with whatever service you would like, including commercial AV ones you already have a relationship with. This code is Apache v2 open source, so you can modify it as needed.

Hope this helps
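
The workflow from Answer 1, with the temporary copy out of S3 that Answer 3 mentions, sketched as an added example that is not part of any of the posts above and is not the scanii-lambda code. It assumes the open-source ClamAV `clamscan` binary is packaged with the function; the `CLEAN_BUCKET` name, the size limit and the function names are hypothetical.

```python
import os
import subprocess
import tempfile
from urllib.parse import unquote_plus

# Hypothetical destination bucket; must differ from the upload bucket,
# otherwise the promoted object would trigger the function again.
CLEAN_BUCKET = os.environ.get("CLEAN_BUCKET", "example-clean-bucket")
MAX_BYTES = 400 * 1024 * 1024  # assumed limit, below Lambda's default 512 MB /tmp

def clamscan(path):
    """Return 'clean' or 'infected'; raise on scanner error (fail closed)."""
    # clamscan exit codes: 0 = no virus found, 1 = virus found, 2 = error
    rc = subprocess.run(["clamscan", "--no-summary", path]).returncode
    if rc == 0:
        return "clean"
    if rc == 1:
        return "infected"
    raise RuntimeError(f"clamscan failed with exit code {rc}")

def process_record(s3, record, scan=clamscan):
    """Scan one uploaded object; promote it to CLEAN_BUCKET only if clean."""
    bucket = record["s3"]["bucket"]["name"]
    key = unquote_plus(record["s3"]["object"]["key"])  # event keys are URL-encoded
    if record["s3"]["object"].get("size", 0) > MAX_BYTES:
        return (key, "too-large")  # never promoted without a scan
    fd, path = tempfile.mkstemp()  # lands in /tmp on Lambda
    os.close(fd)
    try:
        s3.download_file(bucket, key, path)
        verdict = scan(path)
        if verdict == "clean":
            # Upload the local copy so the promoted bytes are exactly the
            # scanned bytes, even if the source object was overwritten meanwhile.
            s3.upload_file(path, CLEAN_BUCKET, key)
        return (key, verdict)
    finally:
        os.remove(path)  # /tmp persists across warm invocations

def handler(event, context):
    import boto3  # imported here so process_record can be tested without AWS
    s3 = boto3.client("s3")
    return [process_record(s3, r) for r in event["Records"]]
```

Downstream processing should read only from the clean bucket, so an object that was never scanned or failed the scan is never reachable by the processing step.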