Hmm I removed Cohra 3 days ago because, according to malwarebytes, it was an infected file.
And I kinda trust Malwarebytes, because it's the thing that got me completely rid of a trojan horse 3 days ago. (which was called Win 7 security 2011, if anyone wants to know.)
Hmm I removed Cohra 3 days ago because, according to malwarebytes, it was an infected file.
And I kinda trust Malwarebytes, because it's the thing that got me completely rid of a trojan horse 3 days ago. (which was called Win 7 security 2011, if anyone wants to know.)
I am almost certain Malwarebytes classified cohra.exe as a Trojan.Agent threat. As a matter of fact, it's a false positive due to the fact that COHRA's executable file is compressed. Not like in ZIP compressed. Read below if you don't mind a bit of computer jargon.
Case is dyxtra, COHRA's developer, decided to compress the executable of it before releasing it for his own reasons. He used PECompact to do so. What compressing an executable means is that its code and data sections are not "known", i.e. you can't determine what the program does, until that program is run and loaded into a computer's memory. This kind of behaviour is commonly used by malware. Case in point VirusTotal's analysis on cohra.exe resulting in two security products classifying cohra.exe as suspicious, most certainly because of its compressed state.
Now some security products integrate decompression methods for known executable packers, so that they actually fully test compressed programs. Seems Malwarebytes doesn't for the specific packer, or the specific version of the packer. However, if you test an uncompressed version of COHRA with it, it will say it's clean. Ta-da, I present you just that, an uncompressed version of COHRA.
Note the difference in size from 869,888 to 2,265,088 bytes. If you scan this file, you will get no threat detected. You can even run this file to confirm it's cohra. You can even open a replay, but that's probably as far as you will get, since after that COHRA will probably crash due to the unpacker that I used being generic and requiring a bit of tweaking to fully work with COHRA. But you need to pay me to do that.
TLDR, non tech-savvy version, COHRA is harmless to your computer.
PS If you are wondering why Malwarebytes hasn't declassified COHRA as malware it's probably because it hasn't received reports to do so, and even if it has, the low popularity of COHRA may not warrant a full analysis on their part.
QUOTE(13oomer @ May 30 2011, 11:14 AM)
Does it pick up that the replay is a 2.602 one? Atm, it just says 2.6+
Nah, that's hardcoded into it. For it to change, COHRA needs to be updated.
Lol I'm a bit new to COHRA so please bear with me. What I'm wondering is that does COHRA actually PLAY the replays, as in you can watch the replay, or can you just analyse the chatlog, CPM and stuff?
And if COHRA does not play replays, then is there any software which does? If so, then a link of some sort would be really appreciated. Thanks.
Unzip the file and place in the same folder as COHRA's main executable to work. Limitations and bugs as per this post still apply.
If you find anything wrong with it or something not being identified let me know.
Posts: 1,193
Game: