Hi!
I'm planning to test my parallel algorithm for virus detection.
So I choose ClamAV's engine to implement my algorithm.
I have dowloaded ClamAV source code at
https://github.com/vrtadmin/clamav-devel
I open it with Visualstudio and start with it.
But I can't find where the algorithms are implemented in to change it.
Please point me where i have to concern to test my algorithm.
Any help would be really appreciated.
Thanks!!!

The algorithms are contained in clamscan.exe.

Clam AV primarily uses static virus signatures, but I hope that you will use some algorithms that are not dependent upon static signatures so that you can detect malware for which there are no traditional signatures. A good AV needs some of these signatures because most malware is now changed often (sometimes hourly) to avoid the static signatures.

Regards,

Thanks you for prompt respond.
I have read the source code for several day.As I know,ClamAV use Wu-Manber algorithm.
Do you know where's the source code of Wu-Manber algorithm in ClamAV?
Thanks!!!

AFAIK ClamAV doesn't use Wu-Manber, but I'm not certain. You can take a look at matcher-bm and matcher-ac to see ClamAV's implementation of Boyer-Moore and Aho-Corasick.

The ClamAV mailing list is probably a better place to ask this question, as you can get an answer from a developer.

Thanks you!!!That's true.
ClamAV calls it the Boyer-Moore (BM) algorithm, but the algorithm
actually operates in the same way as the WM algorithm.