Malwarebytes Endpoint Protection Repair Script

[Taylor9]

I created a PowerShell script a few months back to automate the repair of Malwarebytes Endpoint Protection and thought I would share.

If you ever notice that your endpoints are not communicating with the Cloud or you have service issues etc, the script should be able to repair the issue remotely and silently. If there is an issue with the machines cloud config, I also programmed it to run the built in recovery tool ("C:\Program Files\Malwarebytes Endpoint Agent\ConfigurationRecoveryTool.exe"). In my experience the script can resolve most of the issues I have encountered. Below is a screen shot of the script in action and I hope it is helpful!

 

What it does:

1. iterates through list of computer hostnames in a csv file and make sure the computer exists in AD
2. check if the machine is online
3. remote connect via PSSession
4. make sure the cloud version is installed
5. check if the update file still exists in a directory, if so there is a pending software update, your services will not run fully until you reboot the system
6. check the two services start types and make sure they are set to automatic
7. attempt to start the services
8. if the MBEndpointAgentStatus service fails to start, run the Malwarebytes configuration recovery tool and attempt to restart the service again
9. validates the computer can see the Malwarebytes cloud site

 

Requirements: AD windows environment, PowerShell v5 and ps remoting must be enabled

 

Instructions and code: https://github.com/taylornrolyat/Repair-MalwarebytesCloud
 

 

 

[LeeWei]

Very nice and works well for me, thanks @Taylor9 - once I follow your requirements to install ActiveDirectory module and use PowerShell v5.

[Abriggs]

Thanks for the script but i am a little lost on how to use it, where do i put in the path info so the script knows where to pull from?  The instructions really dont help much in terms of setup, an example of what the script looks like setup would be very helpful, sorry i am not the best at powershell.. 

[Taylor9]

@Abriggs 

The example with explanation is on GitHub.

Hostnames need to be placed in a csv file in the same folder the script is located and name it list.csv. Make sure the formatting is like this: 

https://github.com/taylornrolyat/Repair-MalwarebytesCloud/blob/master/list.csv

 

 

[Abriggs]

Thanks for the reply, but I do have the list folder and everything else in the same folder but when i run it i get Path is Null cant find file, so my question is do i need to change any sort of path locations within the script? because just running the script in the folder doesnt seem to work for me.

[Taylor9]

The path is set on lines 36,37. It could be that your version of powershell doesn't support $MyInvocation. 

In that case, you could change this on line 37:

$fixList = "$scriptFolderRoot\list.csv"

To something like this:

$fixList = "C:\users\yourusernamehere\Desktop\MWBScript\list.csv"

 

[exile360]

If you need a more generic path for different users/systems you could use %userprofile%\desktop at the start of the line (assuming it is being run from the user's desktop as in the above example).  Just be sure to enclose the path with quotes to account for the spaces contained in the enumerated path.