Applications that strictly comply with Apple’s software design guidelines for OS X and don’t need to be deeply integrated into the operating system, are usually installed by a simple “drag and drop” operation. This means no actual installation is necessary, you just drag the application icon into one of your application folders and can launch it immediately.
For “Apps” bought from the Mac App Store, new, modified rules apply: Apps are installed automatically and they should be removed with the Launchpad application only.
However, OS X automatically creates additional files when you work with a new application, for example files to store the personal preference settings for each user, or cache folders for download files, when applications are accessing the Internet to search for automatic updates, etc. You can simply “uninstall” a drag-and-drop application by dragging its icon to the Trash. This won’t remove all the aforementioned other support files, however. This is were the uninstallation assistant of TinkerTool System can help.
It is possible to let TinkerTool System search for software components automatically, offering the potential candidates for the uninstallation assistant. The found components will be listed in a table with their names, icons, paths, version numbers, and the dates of last usage. TinkerTool System can search for the following categories of software:
To use the search, perform the following steps:
The job of the uninstallation assistant is to help you to identify all associated components that might have been created by the software component you want to remove. You can let TinkerTool System automatically remove the other files and folders as well, cleaning the entire computer. There are in fact four different levels of clean-up you can choose from:
If you are using the search levels (3) or (4), TinkerTool System will allow you to delete files and folders which are owned by other users. This is a dangerous option which should be used by experienced system administrators only. Please verify each object carefully before you are actually going to delete it.
There are applications which completely hide where and how they store the data or documents you create when using that application (“shoebox apps”). Other applications may give you a choice to define individual file names for documents, but also use their own private area to store the files. Please keep in mind that the user documents created by such applications might be removed as well when you perform an uninstallation.
Before any object is removed, TinkerTool System will list each affected item. You can then decide for each single object whether you actually want to remove it. Perform the following steps:
Note that nothing is going to be removed yet. TinkerTool System will always analyze your selection first and display the items which would be affected. The program will begin to search for these objects after you have pressed the Prepare removal… button. You can interrupt and cancel the search at any time by pressing the STOP button which will appear while the search is running. Note that a search run can take several minutes if your computer or your network hosts a high number of user accounts and you have selected one of the search levels affecting each user.
After the search has ended, all candidates for possible removal will be listed in a table. The table contains the following columns:
The total number of selected objects and the total storage size is displayed right under the table. The two buttons in the lower left corner allow you to select
TinkerTool System does not allow you to bypass the security features of OS X. Although this feature allows you to delete objects owned by other users, you cannot use it to spy out the contents of private files. For this reason, it is not possible to display detail information of files which are neither owned by you or by the operating system, or to move items to the Trash for which you don’t have access.
The selected objects will be removed when you press the Remove button. All objects remain untouched when pressing the Cancel button.
TinkerTool System automatically creates a detailed report on the components you are removing. It will be displayed after and while the removal takes place. After the operation has been completed, you can either save the report to a text file, or print it by pressing the respective buttons in the report sheet.
The list of objects suggested for removal is computed according to Apple’s software design guidelines for OS X. Please note that a few applications may not be fully compliant with these guidelines. In this case, the list of removal candidates might not be complete. This means there could be objects which have been created by the application in question, but have been omitted in the list. It could also occur (although this is very unlikely) that objects are included in the list but have actually not been created by the selected application, so they should not be deleted. Please verify each object carefully before using the removal function.
If you are removing an application which is member of your list of login items, it will be removed from the list as well without reporting this in the table of deletion candidates. For technical reasons, this clean-up is limited to the current user, even if you had selected a search level including all users.
TinkerTool System contains several security features that prevent you from removing important parts of the system. You cannot remove components which are official part of OS X. You also cannot remove applications which are currently running on the local computer.
You should never use this function for software components which have not been installed by a drag-and-drop operation. Applications that came with their own installers or have been using the OS X Installer, which includes Apps from the Mac App Store, usually had a technical reason to do so. In this case it is very likely that more than the usual components have been installed in the system, so they are not following the rules for self-contained applications. The Uninstallation Assistant cannot work as designed in that case. You should remove such applications following the instructions of their vendors.
To be protected against malicious software, OS X uses several different security techniques that complement each other:
TinkerTool System can evaluate a given software component, such as an application, an executable file or a signed software distribution disk image, against all mentioned security checks, showing all details. This allows you to verify the integrity, the source, and the overall security assessment of this software.
Checking a software product is very simple. Just perform the following steps:
TinkerTool System and the security features of OS X will now analyze the selected software. This may take a few seconds, depending on the size of the bundle and the number of embedded subcomponents. The results will be displayed in the lower half of the window:
Apple has defined a high number of entitlements which are not documented, so they are not known to the general public. Only Apple, and in some cases a few selected developers who could not solve problems with the sandbox otherwise when using the known standard set of entitlements in their applications, have permission to use these undocumented “holes” in the sandbox. TinkerTool System lists these entitlements with the notice Unofficial entitlement and the internal name Apple uses for the related right.
Many applications that are part of OS X are shown with the Gatekeeper assessment Reject. This is not an error, but the correct result. Most of Apple’s built-in applications indeed do not comply with Apple’s own security guidelines. However, this won’t matter because the affected programs have not been downloaded off the Internet and come from a source trusted by Apple.
A software distribution disk image can contain multiple applications. If you are testing such an image file, TinkerTool System will only show the security assessment for the container itself. Information exclusive to applications (like sandbox protection) will be missing. An sealed image file should guarantee that its checksummed contents is authentic as well. However, to see the actual results for the individual applications, you’ll have to open the image and point TinkerTool System to one the files inside.
Only modern disk images can be signed. This security feature is mainly used for software products targeting macOS 10.12 or later. For operating systems prior to macOS 10.12, Gatekeeper does not assess the security of DMG files.
Even operating systems like OS X that follow high security standards can become victims of social tricks that make the user install software which manipulate the system. In such cases, the user is persuaded that it would be an advantage to enter the administrator password to install some “good” component. However, this privileged mode is then abused to make some other changes as well, often against the user’s interest. An object that lets the user actively disable the security mechanisms of the system only by psychological influence and not by exploiting security holes is called a Trojan Horse. If the software using such a trick does not violate any laws and its authors identify themselves correctly, there won’t always be a legally possible way for Apple to prevent the launch of a such an application technically. This means that the Gatekeeper features mentioned in the previous section may or may not protect against software of that type. So-called ad-injection software (in short adware), falls into this category.
As of OS X version 10.10.3 or later, Gatekeeper is capable of detecting specific adware and typical container mechanisms used to hide and spread such programs.
Adware applications are often installed as hidden byproduct of a different program, but make critical changes to the system. Typical signs of adware are:
TinkerTool System can help you to detect specific types of familiar adware and to remove it by a simple mouse-click. For technical reasons, one or more restarts of the computer can be necessary during the removal procedure. The application will guide you automatically through all steps.
If active adware or critical traces of formerly installed adware are found, TinkerTool System will display one or more warning messages for each type of software in the window. Press the button Remove next to the respective warning line to start the removal procedure. TinkerTool System also shows the current homepage and search engine settings of the Safari web browser. If you think that your preferred settings have been manipulated, you should open the preferences panel of Safari after all adware has been removed to review these entries. It is also recommended to review the list of extensions in the preferences panel. If you are using other Internet browsers different from Safari, you should make similar checks there as well.
As of Safari version 9.1.1 or later, the home page entry is protected cryptographically and can no longer by manipulated or be displayed by other applications.
To ensure that all parts of the adware are removed reliably, you should not interrupt the removal procedure in any way. Please provide the administrator credentials when OS X asks for them, and perform the necessary restarts as fast as possible when they are required.
Some adware is installed system-wide (for all user accounts), while other programs are user-specific. In some cases, it could be necessary to repeat the scan for each user account on your computer.
The providers of adware might intentionally change their products in the future to make detection and removal more difficult. For this reason, TinkerTool System may not detect or remove adware types which were unknown at the time of release. Both, the set of most critical adware types, and the technical details for their detection are based on official support guidelines from Apple.
The current version of TinkerTool System 4 follows the guidelines available in April 2016. For operating system versions released after that date, it is Apple’s policy to let the Apple Malware Removal Tool (MRT), remove adware automatically while the user logs in. The MRT is a hidden, built-in component of OS X which is updated permanently by Apple behind the scenes.