If you ever come into a situation where you need to stop the running System Center Endpoint Protection 2012 SP1, you will find out that there is no way to stop the service. Neither in the GUI nor the service Microsoft Antimalware Service (MsMpEng.exe) itself.
After searching a while I found the solution in this thread:
You need two tools, which will help you (not only in this case!): psexec and Process Explorer.
Copy both tools to a folder on the system and start an elevated command promt.
1. Run the command:
%yourpath%psexec.exe –s –i %yourpath%procexp.exe *
*where %yourpath% is the path you saved the tools in
2. After accepting two EULAs (only for the first time) Process Explorer will show up. Search for a process called “MsMpEng.exe” and double click it. Switch to the “services” tab.
3. Click on “Permissions” and give Full Control rights to the Administrators group.
After OKing every window you can open or refresh your services.mmc and you will be able to stop the Microsoft Antimalware Service.
As soon as you start the service again, the permissions will be set back to the original settings.
Christian