System area is a storage area that is used by system applications. It contains sensitive user data and data critical to device operation. If root access is not allowed on your device, system area is not available to you.
Malicious applications can gain root access and make changes to system area: delete, add, or change files or folders.
Component SpIDer Guard can monitor changes in system area. You can enable checking system area in the . If the component detects suspicious changes in system area, it notifies you about it.
If SpIDer Guard detects one of the changes listed, the files or folders themselves are not necessarily malicious. However the change can be made by a malicious application.
For the detected changes, the following options are available:
•—available only if executable files have been added or changed: APK, files of format ELF, JAR, ODEX, SO, etc.
SpIDer Guard only informs you about the changes listed above. To detect the malicious application that could made the change to the system area, run the .