Threat Description



Category: Malware
Platform: W32
Aliases: Cidra.D


Cidra.D was discovered on 10th of March 2004. It's a trojan proxy, allowing to use users' computers to relay information, i.e. unsolicited email.


Automatic action

Once detected, the F-Secure security product will automatically disinfect the suspect file by either deleting it or renaming it.

More scanning & removal options

More information on scanning or removal options is available in the documentation for your F-Secure security product on the Downloads section of our Home - Global site.

You may also refer to the Knowledge Base on the F-Secure Community site for more information.

Contact Support

For further assistance, F-Secure customers can request support online via the Request support or the Chat forms on our Home - Global site.

Technical Details

Installation to system

The trojan will add an entry to the Windows registry aiming at being run every time Windows starts. The key will be:


Which will point where the file is initially run from.

Spreading in

Cidra.D does not spread by itself. It was massively spammed.


It will relay connections though infected computers, giving its creator a massively distributed distribution channel for spam and other content.


Detection for this malware was published on March 10th, 2004 in the following F-Secure Anti-Virus updates:

Detection Type: PC
Database: 2004-03-10_02

Technical Details:Ero Carrera, March 10th, 2004


Suspect a file or URL was wrongly detected? Submit a sample to our Labs for analysis

Submit Now

Give And Get Advice

Give advice. Get advice. Share the knowledge on our free discussion forum.

Learn More