Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


request system malware-scan



Run the Juniper Malware Removal Tool (JMRT), which scans for and removes malware running on Juniper Networks devices. This command can perform multiple types of scans, detailed in the following section.



Check whether integrity mechanisms are enabled and working properly. Integrity mechanisms allow only signed binaries to run on the system.


Junos OS with Junos Automation Enhancements does not run Veriexec. As such, running the integrity-check command on Junos OS with Junos Automation Enhancements always shows that integrity is not enforced.

quick-scan Start a quick scan, which attempts to scan each process’ executable for malware. If the executable file does not exist, it scans the process memory instead.
clean-action (clean | warn)

Determine the action that JMRT should take when potential malware is detected:

  • clean—Remove infected files and processes. This is the default action.
  • warn—Notify the user of files and processes containing malware, but do not remove them.
pids set-of-pids Set of process IDs (PIDs) to scan. By default, JMRT scans all processes.

You can access the following options by default in Junos OS Evolved. To access them in Junos OS, install the jmrt-test package.


You will see the run-fake-malware and list-fake-malware options in Junos OS only if you have installed jmrt-test.

test Run a test scan that will detect fake malware. Use this option to observe how JMRT works, without needing actual malware on the system.
run-fake-malware Spawn a fake malware process on the system.
list-fake-malware List all fake malware processes (PIDs) that are running on the system.

Required Privilege Level


Release Information

Command introduced in Junos OS Release 19.2R1.

Command option veriexec-check renamed as integrity-check in Junos OS Release 21.4R1.

Command introduced in Junos OS Evolved Release 21.4R1.