Troj/Cidra-A is a backdoor proxy Trojan that allows a remote attacker to use a compromised computer to relay TCP traffic through.
In order to be executed automatically when Windows starts up Troj/Cidra-A adds the registry entry HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Usbd pointing to the file usb_d.exe.
Troj/Cidra-A opens a random listening port and periodically attempts to connect to a remote website to register itself.
Troj/Cidra-A also has the ability to download and execute a file from a remote web site.