OA 5.5.0.1557 alerts with Shadow Defender

Have been using SD v .278 for a few years without problem. After upgrading to the latest OA premium 5.5, I am seeing these two red alerts.

1. SD wants to write to disk (C
2. Screen logger detected.

I believe 1. should be normal to create the shadow, but how come previous version did not flag it?

And why is 2. coming, again never came all these years with SD on OA Premium.

Can anyone give me the MD5 of OA Premium 5.5.0.1557?

Thanks

 

I'd contact Emsisoft or ask Fabian Wosar here on WSF, perhaps post your question in one of the other OA threads here.
The file hashes for OnlineArmorSetupexe 5.5.0.1557 are MD5; 28E0AEC53671810138001617D9AB344B / SHA1; E8CEF0C4E9A06FF6957ADB8B7646D2B919B6D8EB

 

I've always been alerted by OA (and most other HIPS) for Shadow Defender even after the 'trust everything' wizard or similar. I personally think they are right to do so. The executables are not signed and the methodology SD uses to protect the system, if it was not implemented by a safe application, like writing to the raw disc would be suspicious.

Perhaps Emsisoft should whitelist though. Maybe they do but just not the lastest (of questionable origin?) versions or the look-up to their cloud servers just didn't work on that occassion? Maybe someone fom Emsisoft will confirm.

Cheers

 

Thanks for your replies. Since SD is no longer in development, I doubted if Emsisoft would bother checking. But I'd definitely ask them why in spite of being a security SW vendor, they dont provide MD5/SHA. And open a new thread on this.

 

But one question remains, why I am getting these alerts only after upgrading to the latest edition of OA Premium even with Contact Anti-Malware network in real time NOT ticked.