Juniper Malware Removal Tool
The Juniper Malware Removal Tool (JMRT) is a utility to scan for and remove malware running on Juniper Networks devices. JMRT is packaged with Junos OS and Junos OS Evolved by default. It is similar to antivirus software for desktop computers, except that JMRT runs on a Juniper device.
JMRT identifies malware present on the Routing Engine by using signature-based detection, but it can detect only malware with known signatures. If your device encounters new or unknown malware, JMRT might not be able to detect it.
You can use JMRT to perform two types of scans— quick scan and integrity check. You can also use the tool to spawn fake malware on your device and then run a test scan for it. Test scans show how JMRT behaves when it detects malware.
Quick Scan
JMRT scans the processes running on the system for malware. If it cannot find the executable for a process, it scans the process memory instead. By default, it scans all processes and, if malware is detected, it stops the processes and deletes the malware files. You can run this scan to quickly identify and remove malicious processes from your system. Alternatively, you can choose to scan a specific set of processes. You can also choose whether you want malware to be deleted or whether you simply want to be notified of it without any deletion.
Integrity Check
JMRT checks whether the system has the integrity mechanisms enabled. These mechanisms prevent arbitrary executable files that are not signed by Juniper from running. To enforce integrity mechanisms, Junos OS uses Verified Exec (Veriexec) and Junos OS Evolved uses Integrity Measurement Architecture (IMA).