Scanning USB Pendrive (ClamAV) - without mounting it to avoid auto-run/executing malware

Hey!
Do you know how to use Clamscan to scan USB Drives without mounting them in the system?

I deactivated the autorun/automount to not execute possible malware within pendrives - and infect my system.

Is it possible to scan USB Pendrives blocks without mounting them? What's the safest way to analyze pendrives that are plugged in my system for the first time?

ClamAV and ClamScan both rely on filepaths to scan, which is why they need a mounted partition to scan.

You are correct that scanning the USB unmounted is the secure way - for that, I recommend using a different tool than ClamAV, like Bulk Extractor.

2 Likes

Thank you for your advice! Will look at it - and leave the steps/solution well documented here, for future users to use it as well.

You can also use the noexec options when mounting a file system to prevent binaries from being executed.

3 Likes

Thank you everyone, for your help!

Here is the documented solution - it may not be perfect, but it's what worked for me... THINGS TO TAKE INTO CONSIDERATION:

  1. The best scenario for dealing with those "unsafe USB pendrives" is to use either a virtual machine (VM) or a live boot USB (e.g., Kali Linux OS Live Boot). This is to avoid taking any chances of infecting a host operating system. Handling malware can quickly spiral out of control, so it's best not to take any risks.

  2. If you want to use a separate dedicated live boot USB just to scan pendrives (recommended), you'll need a USB thumb drive with a capacity of 4GB or larger to install Kali Linux Live Boot.

  3. Although it might not be as critical within a live boot USB, it's still advisable to scan a pendrive while it's unmounted using Bulk_Extractor, as suggested by @Aravisian. Additionally, using the noexec options when mounting a file system can help prevent binaries from being executed, as suggested by @zenzen.


PART 1 - RUN "Bulk Extractor"

sudo apt install bulk-extractor

sudo bulk_extractor -o /tmp/usb_scan /dev/sdb1 -e all -S report_read_errors=1


PART 2 - AFTER MOUNTING THE USB DRIVE FOR MALWARE SCAN / I HEAVILY SCANNED THE USB DRIVE & SYSTEM (I used a mix between chkrootkit, rkhunter, & ClamAV).


sudo mount -t vfat -o noexec /dev/sdb1 /mnt

sudo chkrootkit

sudo chkrootkit -q

sudo rkhunter --propupd --check --checkall --sk

sudo clamscan --max-filesize=2000m --max-scansize=3999m --heuristic-alerts=yes --phishing-scan-urls=yes --detect-pua --recursive --bell --remove --infected /mnt   # scan the mounted tree at /mnt, not the raw /dev/sdb1 node (clamscan does not read block devices)


PART 3 - AFTER BEING DONE, THE LAST STEP IS SCANNING THE WHOLE SYSTEM WITHIN THE 'LIVE BOOT USB' or 'VM' (JUST IN CASE)

sudo chkrootkit

sudo chkrootkit -q 

sudo rkhunter --propupd --check --checkall --sk

sudo clamscan --heuristic-alerts=yes --phishing-scan-urls=yes --detect-pua --recursive --bell --remove --infected /


I could be wrong, but I think this is a possible "safer" alternative that worked for me - you guys let me know what you think about it 🙂

1 Like
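Added example, not code from any poster in this thread: a small POSIX sh script that does the "Part 2" mounted scan with a few extra guards. It mounts the partition read-only with noexec, nosuid and nodev, then reads /proc/mounts to confirm the kernel actually applied those flags before clamscan runs, scans the mounted directory tree (not the /dev node), and unmounts afterwards. Assumptions: it runs as root, clamscan is installed, the partition node is passed as the first argument, and the mountpoint /mnt/usb_scan, the log path and the vfat filesystem type are my choices, overridable through environment variables.

```shell
#!/bin/sh
# Added example for this thread (not any poster's code): hardened mount +
# clamscan of a pendrive partition. Run as root: sh scan_usb.sh /dev/sdb1

MOUNTPOINT="${MOUNTPOINT:-/mnt/usb_scan}"      # assumption: my mountpoint
LOGFILE="${LOGFILE:-/tmp/usb_clamscan.log}"    # assumption: my log path
FSTYPE="${FSTYPE:-vfat}"                       # matches the thread's mount -t vfat

# Flags we require on suspect media: no writes, no execution, no setuid,
# no device nodes. --remove is intentionally not used: the medium is
# read-only, and a log of findings is more useful than deletion.
HARDENED_OPTS="ro,noexec,nosuid,nodev"

# mount_is_hardened LINE
# LINE is one record from /proc/mounts. Returns 0 only if its 4th field
# (the effective options) contains every flag in HARDENED_OPTS. Checking
# /proc/mounts instead of trusting our own command line catches a mount
# helper or kernel default that silently dropped a flag.
mount_is_hardened() {
    opts=$(printf '%s\n' "$1" | awk '{print $4}')
    for flag in $(printf '%s' "$HARDENED_OPTS" | tr ',' ' '); do
        case ",$opts," in
            *",$flag,"*) ;;
            *) return 1 ;;
        esac
    done
    return 0
}

# mounts_record DEV MNT -> prints the /proc/mounts line for DEV at MNT
mounts_record() {
    awk -v d="$1" -v m="$2" '$1 == d && $2 == m' /proc/mounts
}

# clamscan_verdict RC -> word for clamscan's documented exit codes
# (0 = nothing found, 1 = infected files found, 2 = error)
clamscan_verdict() {
    case "$1" in
        0) printf 'clean\n' ;;
        1) printf 'infected\n' ;;
        *) printf 'error\n' ;;
    esac
}

# scan_pendrive DEV: mount hardened, verify, scan, unmount. Returns the
# clamscan exit code, or 2 if the device or mount checks fail.
scan_pendrive() {
    dev="$1"
    [ -b "$dev" ] || { echo "not a block device: $dev" >&2; return 2; }
    mkdir -p "$MOUNTPOINT"
    mount -t "$FSTYPE" -o "$HARDENED_OPTS" "$dev" "$MOUNTPOINT" || return 2
    if ! mount_is_hardened "$(mounts_record "$dev" "$MOUNTPOINT")"; then
        echo "mount options were not applied, refusing to scan" >&2
        umount "$MOUNTPOINT"
        return 2
    fi
    # Scan the mounted files; clamscan does not read raw block devices.
    clamscan --recursive --infected --heuristic-alerts=yes \
             --phishing-scan-urls=yes --log="$LOGFILE" "$MOUNTPOINT"
    rc=$?
    umount "$MOUNTPOINT"
    echo "verdict: $(clamscan_verdict "$rc") (details in $LOGFILE)"
    return "$rc"
}

if [ "$#" -gt 0 ]; then
    scan_pendrive "$1"
fi
```

The verification step matters because `-o ro,noexec,...` on the command line is a request, not a guarantee; /proc/mounts shows what the kernel is actually enforcing. Part 1's bulk_extractor step is unaffected by this script, since it reads the raw device and needs no mount at all.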

My only comment is I would not run PUA as it has always thrown lots of false positives in both the GNU/Linux and Windows versions of ClamAV. It has never worked correctly.

1 Like

It is true, especially with LibreOffice documents...

I did it out of anxiety, because I had to mount the USB drive in the system to be able to use ClamAV (and that made me feel quite uncomfortable) 😭

As suggested, I'll leave that option here without running PUA, to help newer, less experienced users.

Here is the corrected version for "PART 3 (...)":

sudo clamscan --heuristic-alerts=yes --phishing-scan-urls=yes --recursive --bell --remove /

1 Like