One Day Sec

How can I replace a service executable without stopping the service, and what privileges are needed?

Even without stopping the service, you can rename the existing executable (e.g., `rename test.exe test2.exe`) and then rename your malicious file to the original name. This bypasses the 'access denied' error when trying to delete a running file. Note that starting or stopping the service typically requires administrator privileges, but the rename trick works while the service is running.
Tags: file replacement, rename trick, writable service path, privilege escalation, service exploitation
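
A defender's check for the condition described above, as an added example that is not part of the original page: it lists service executables and their folders where a principal outside an assumed trusted set holds rights that permit renaming or replacing the file. The trusted list, the function names and the generic-rights mask are assumptions made for illustration.

```powershell
# Added example (not from the original page): find service binaries that a
# non-administrative principal could rename or replace.
# Assumption: these English-locale principals are the only trusted writers.
$trusted = 'NT AUTHORITY\SYSTEM', 'BUILTIN\Administrators', 'NT SERVICE\TrustedInstaller'

# Rights that allow rename-and-replace: on the file, delete (rename) or write;
# on the folder, create files or delete children.
# 0x50000000 = GENERIC_ALL | GENERIC_WRITE, which some ACEs carry unmapped.
$fileMask = ([int][System.Security.AccessControl.FileSystemRights]'Delete, WriteData, AppendData, ChangePermissions, TakeOwnership') -bor 0x50000000
$dirMask  = ([int][System.Security.AccessControl.FileSystemRights]'CreateFiles, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership') -bor 0x50000000

function Get-ServiceBinaryPath {
    param([string]$PathName)
    # Win32_Service.PathName is a command line; pull out the executable path.
    if ($PathName -match '^\s*"([^"]+)"') { return $Matches[1] }
    if ($PathName -match '^\s*(.+?\.exe)(\s|$)') { return $Matches[1] }
    return $null
}

function Get-RiskyAce {
    param([string]$Path, [int]$Mask)
    # Allow ACEs that grant any masked right to a principal outside $trusted.
    (Get-Acl -LiteralPath $Path).Access | Where-Object {
        $_.AccessControlType -eq 'Allow' -and
        ([int]$_.FileSystemRights -band $Mask) -and
        ($trusted -notcontains $_.IdentityReference.Value)
    }
}

Get-CimInstance -ClassName Win32_Service | ForEach-Object {
    $svc = $_
    $exe = Get-ServiceBinaryPath $svc.PathName
    if (-not $exe -or -not (Test-Path -LiteralPath $exe)) { return }
    $targets = @(
        @{ Path = $exe; Mask = $fileMask },
        @{ Path = (Split-Path -Parent $exe); Mask = $dirMask }
    )
    foreach ($t in $targets) {
        Get-RiskyAce -Path $t.Path -Mask $t.Mask | ForEach-Object {
            [pscustomobject]@{
                Service   = $svc.Name
                RunsAs    = $svc.StartName
                Path      = $t.Path
                Principal = $_.IdentityReference.Value
                Rights    = $_.FileSystemRights
            }
        }
    }
}
```

Any row returned is a path to tighten: remove the listed rights from that principal on the file and its folder so only the trusted writers can rename or create files there.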
