Troj/DwnLdr-HCM is a downloader and information-stealing Trojan for the Windows platform.

When run Troj/DwnLdr-HCM creates the file (System)\acrobat.dll (also detected as Troj/DwnLdr-HCM). The Trojan subsequently sets the following registry entries so that it can run on startup:

HKCR\CLSID\{BD942DA7-96C8-4342-84C6-E2BCFE69FE11}\InprocServer32 (default)
System\acrobat.dll


HKCR\CLSID\{BD942DA7-96C8-4342-84C6-E2BCFE69FE11}\InprocServer32
ThreadingModel
Apartment

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Adobe Acrobat ActiveX Control
Rundll32 acrobat.dll,AInit

Troj/DwnLdr-HCM also overwrites the Windows HOSTS file.

More information can be found at this Sophos page.