If you were scanning for just one virus signature, then a single string search algorithm like Boyer-Moore would be a good choice. (There are other fast single search algorithms too.)
But a virus scanner typically looks for many virus signatures, and the signatures are typically not just simple sequence-of-byte signatures.
If you are looking for the (technically) best algorithm, then I suggest you read the Wikipedia page on String Search Algorithms, and consider all of the alternatives that it links to. That's only a start, since there are (apparently) other search algorithms that are not listed there.
As to the best representation of the signatures, that will depend on what search algorithms you use. But since you are looking for byte patterns in code objects, a byte-based representation (byte strings or byte-based patterns / regexes) seems most appropriate.
(I don't see how hashes would actually help you with this problem ...)
But that assumes that you really need the best search technology that is available. It sounds like this is an assignment you are doing, and for that a your original choice of Boyer-Moore is fine. A simple approach is to read each file into memory, and then do a Boyer-Moore search for each virus signature. That won't be as fast as a commercial / professional virus scanner, but it should be good enough for your purposes.