The answer is to scan it BEFORE it gets to the DB. Once you have them in, you shouldn't scan the internal volume like has been mentioned before.
Just like any other type of connection to SQL, scrub your inputs. a direct connection into the DB which is not secured like this is just a hand-grenade waiting to happen.
Most of the current AV programs have the ability to act as a proxy to file uploads: instead of uploading directly into the DB, upload to them, it scans and then pushes the contents wherever you want.
----------------------------------------------------------------------------------
Your lack of planning does not constitute an emergency on my part...unless you're my manager...or a director and above...or a really loud-spoken end-user..All right - what was my emergency again?