diff --git a/README.md b/README.md
index c7fd4e5..77a55fa 100644
--- a/README.md
+++ b/README.md
@@ -4,4 +4,24 @@
Send markdown notifications to gotify channel throught curl
-`Usage: ./gotifypush.sh
`
+* Usage: `./gotifypush.sh `
+
+## scan_chk.sh
+
+Scan rootkits into system with chkrootkit
+
+* Usage: `./scan_chk.sh`
+
+## scan_rkh.sh
+
+Scan rootkits into system with rkhunter
+
+* Usage: `./scan_rkh.sh`
+
+## scan_clam.sh
+
+Scan virus and malware into system with clamav
+
+* Usage: `./scan_clam.sh`
+
+**NOTE:** Need set paths (DIRTOSCAN variable) to scan
diff --git a/scan_chk.sh b/scan_chk.sh
new file mode 100644
index 0000000..b4037c9
--- /dev/null
+++ b/scan_chk.sh
@@ -0,0 +1,22 @@
+#!/bin/bash
+
+PATH=$PATH:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin
+
+# vars gotify
+readonly TOKEN=""
+
+#vars chkrootkit
+SNIFFERS_WHITELIST="dhclient"
+FILES_WHITELIST="/usr/lib/ruby/vendor_ruby/rubygems/ssl_certs/.document "
+FILES_WHITELIST="${FILES_WHITELIST} /usr/lib/python3/dist-packages/fail2ban/tests/files/config/apache-auth/*/.htaccess "
+FILES_WHITELIST="${FILES_WHITELIST} /usr/lib/python3/dist-packages/fail2ban/tests/files/config/apache-auth/*/.htpasswd "
+FILES_WHITELIST="${FILES_WHITELIST} /usr/lib/python3/dist-packages/fail2ban/tests/files/config/apache-auth/*/*/.htaccess "
+FILES_WHITELIST="${FILES_WHITELIST} /usr/lib/python3/dist-packages/fail2ban/tests/files/config/apache-auth/*/*/.htpasswd"
+
+OUT=$(chkrootkit -q -s "$SNIFFERS_WHITELIST" -e "$FILES_WHITELIST")
+if [ -n "$OUT" ]
+then
+ sh ~/gotifypush.sh "CHK Scan handycat cloud" "$OUT" 5 $TOKEN
+else
+ echo "[chkrootkit] system clean"
+fi
diff --git a/scan_clam.sh b/scan_clam.sh
new file mode 100644
index 0000000..0396698
--- /dev/null
+++ b/scan_clam.sh
@@ -0,0 +1,32 @@
+#!/bin/bash
+LOGDIR="/var/log/clamav/scan/";
+LOGFILE="clamav-$(date +'%Y-%m-%d').log";
+DIRTOSCAN="/path/to/folder/to/scan"; #multiple folders separate by space
+readonly TOKEN="";
+LOG_PRESERVE_DAYS=30;
+
+mkdir -p $LOGDIR
+
+for S in ${DIRTOSCAN}; do
+ DIRSIZE=$(du -sh "$S" 2>/dev/null | cut -f1);
+
+ echo "Starting a daily scan of "$S" directory. Amount of data to be scanned is "$DIRSIZE".";
+
+ clamscan -ri "$S" >> "$LOGDIR$LOGFILE";
+ echo "Scanned folder: "$S >> "$LOGDIR$LOGFILE";
+
+ # get the value of "Infected lines"
+ MALWARE=$(tail "$LOGDIR$LOGFILE"|grep Infected|cut -d" " -f3);
+
+ # if the value is not equal to zero, send an email with the log file attached
+ if [ "$MALWARE" -ne "0" ];then
+ sh ~/gotifypush.sh "CLAMAV Scan Kerodes Studi7" "Scanned folder: **$S** \r $MALWARE" 5 $TOKEN
+ else
+ echo "[clamav] No infected files found."
+ fi
+done
+
+#clean old logs files
+find $LOGDIR -maxdepth 1 -mtime +$LOG_PRESERVE_DAYS -exec "rm" -R {} \;
+
+exit 0
diff --git a/scan_rkh.sh b/scan_rkh.sh
new file mode 100644
index 0000000..8b1f76d
--- /dev/null
+++ b/scan_rkh.sh
@@ -0,0 +1,14 @@
+#!/bin/bash
+
+PATH=$PATH:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin
+
+#vars rkhunter
+readonly TOKEN=""
+
+OUT=$(rkhunter -c -sk --rwo)
+if [ -n "$OUT" ]
+then
+ sh ~/gotifypush.sh "RKH Scan handycat cloud" "$OUT" 5 $TOKEN
+else
+ echo "[rkhunter] system clean"
+fi