This exploit leverages a file write vulnerability in the print spooler service which will restart if stopped. Because the service cannot be stopped long enough to remove the dll, there is no way to remove the dll once it is loaded by the service. Essentially, on default settings, this module adds a permanent elevated backdoor.
88e1248d5e21e3a00dd23e98ab5d2075610af6a2f071e96ac3de2656c5624198
PC-Doctor Toolbox versions prior to 7.3 suffer from a dll hijacking vulnerability.
a3caa20f8f363eb2d158aaa53fad6e96b7bad0b7cd2bce56c1a045364b3c40d0