request system malware-scan

Syntax

Description

Run the Juniper Malware Removal Tool (JMRT), which scans for and removes malware running on Juniper Networks devices. This command can perform multiple types of scans, detailed in the following section.

Options

`integrity-check`	Check whether integrity mechanisms are enabled and working properly. Integrity mechanisms allow only signed binaries to run on the system. Note: Junos OS with Junos Automation Enhancements does not run Veriexec. As such, running the `integrity-check` command on Junos OS with Junos Automation Enhancements always shows that integrity is not enforced.
`quick-scan`	Start a quick scan, which attempts to scan each process’ executable for malware. If the executable file does not exist, it scans the process memory instead.
`clean-action (clean \| warn)`	Determine the action that JMRT should take when potential malware is detected: `clean`—Remove infected files and processes. This is the default action. `warn`—Notify the user of files and processes containing malware, but do not remove them.
`pids set-of-pids`	Set of process IDs (PIDs) to scan. By default, JMRT scans all processes.

You can access the following options by default in Junos OS Evolved. To access them in Junos OS, install the jmrt-test package.

Note:

You will see the run-fake-malware and list-fake-malware options in Junos OS only if you have installed jmrt-test.

Note:

Before 23.3, you must enable the jmrt-test package to gain access to the test option for quick-scan, run-fake-malware, and list-fake-malware.

`test`	Run a test scan that will detect fake malware. Use this option to observe how JMRT works, without needing actual malware on the system. Note: This option is deprecated from Junos 24.2R2 Now the `quick-scan` option is sufficient to scan for fake-malware.
`run-fake-malware`	Spawn a fake malware process on the system.
`list-fake-malware`	List all fake malware processes (PIDs) that are running on the system.

Required Privilege Level

admin

Sample Output