Having issues with the Evo Credential Provider and cannot access the machine in question? Using this guide, you should be able to get the credential provider off of the machine. There are a couple ways around this solution.

1. Use EvoCredProSettings.ps1 to remove sole provider
2. Uninstall using EvoInstall.ps1
3. Rename/delete EvoCredProvider.dll

Use EvoCredProSettings.ps1 to remove sole provider

This requires two steps:

• Establish remote PowerShell session
• Run the EvoCredProSettings script

Establish Remote PowerShell Session

The first step is you have to remotely login via PowerShell to the remote computer. You establish a remote Powershell session like this

Enter-PSSession -computer SOMECOMPUTERNAME

You can use help Enter-PSSession if you want to get help on the command. One of the common errors may be that it doesn’t like the credentials. In that case, it is necessary to use Get-Credential command. I typically will call it this way: $creds = Get-Credential mydomain\\myusername so that all I have to enter is the password.

Then you enter Enter-PSSession -computer SOMECOMPUTER -cred $creds

Again, you can use help Enter-PSSession for details.

Run EvoCredProSettings

Now, second step after establishing a remote PowerShell session is to turn off Evo as the sole provider. That can be done with this command:

&'C:\\Program Files\\EvoSecurity\\EvoSecureLogin\\EvoCredProSettings.ps1' '{"OnlyEvoLoginCredential":false}'

After this is run, Evo will no longer be the sole credential provider. Evo could be turned back on by changing the false to true in the last command.

Use EvoInstall to uninstall

If removing Evo CredPro as the sole provider does not work, then the next step would be to uninstall the credential provider. This is done in two steps

• Establish remote PowerShell session
• Run EvoInstall script to remove the credential provider

To establish a remote PowerShell session, use the steps already outlined in the sections above. After having established the remote PowerShell session, execute the following commands in PowerShell

Invoke-WebRequest [<https://download.evosecurity.com/release/installers/evoinstall-latest.zip>](<https://download.evosecurity.com/release/installers/evoinstall-latest.zip>) -o evoinstall.zip
Expand-Archive .\\evoinstall.zip -dest .
.\\EvoInstall.ps1 -remove -product CredPro

Rename/Delete EvoCredProvider.dll

As an item of last resort, the CredPro DLL can be renamed or deleted to block the Evo CredPro from being used.

First, establish a remote PowerShell session as indicated above

Second, follow these steps in PowerShell.

cd ‘C:\\Program Files\\EvoSecurity\\EvoSecureLogin’
ren EvoCredProvider.dll EvoCredProvider.dll.bak
Restart-Computer

Renaming the DLL will cause it to not be loaded. At a later date, it could be restored to its proper name if it is determined what the issue is that is causing problems with the CredPro.

Recovery Console Boot

The above steps were taken using a remote PowerShell. If a user has physical access to the computer, sometimes it is possible to boot into the Windows Recovery Console. For that, you will generally need to go to the manufacturer’s website to determine how to do it on their machine. Often, you will need a key to access the hard disk like the BitLocker key. However, if you are able to boot into the recovery console, then you can rename or delete the EvoCredProvider.dll as mentioned in the previous section , reboot the computer, and the machine will not be using the Evo Credential Provider.