Mikrotik doesn't allow us shell access to our routers to perform this kind of examination. They are able to release single purpose tool. If you think a device may be infected, netinstall is by far the safest option. I don't think so, we secure our network pretty heavily. But if we ought to find out...

There is a lot of information here, how to protect router, how to deal with infection, how we should always upgrade and few overconfident statement about how were routers infected. But one crucial information is missing: how to determine if my router is infected? And I know you already typing "...