Malwarebytes Endpoint Protection blocks DNS communications on an Active Directory server where a DNS server is present. Symptoms include the inability to resolve any hostnames to IPs. Disabling Web Protection is insufficient to resolve the problem as the driver MWAC.SYS remains loaded.
A workaround is to add an additional DNS Address for the server's own IP address using its loopback address 127.0.0.1. This workaround bypasses the problem. It is consistent with Microsoft's recommendation to:
Add the loopback IP address to the list of DNS servers on all active interfaces. The loopback IP address should not be the first server in the list.