How to choose an uninstaller for Mac: A transparent evaluation methodology

1. Create a new macOS user or use a fresh session.
2. Gather your configuration:
   • macOS version: _______________
   • hardware (processor, RAM, disk): _______________
   • test date: _______________
3. Quit all unnecessary apps.

1. Gather the following details:
   • Name and version: _______________
   • Source (App Store/website): _______________
   • Price/monetization model: _______________
2. Check the signature and notarization:

   codesign -dv --verbose=2 /path/to/app.app

   Copy

   spctl --assess --verbose /path/to/app.app

   Copy

   Signed? Yes / No. Notarized? Yes / No
   An uninstaller gets Full Disk Access and root privileges. An unsigned tool with that level of access is an increased risk. If unsigned, note it in the report.
3. Install the uninstaller. During installation: does it install third-party software or show ads?
4. Grant Full Disk Access.
5. Launch it, go through the onboarding.

The scripts and instructions below use placeholders, replace them with the actual values for your test app:

How to find the bundle ID: open the app in Finder → right-click → “Show Package Contents” → Contents/Info.plist → CFBundleIdentifier key. Or in Terminal:

mdls -name kMDItemCFBundleIdentifier /Applications/[AppName].app

For each test app:

1. Take a screenshot of a baseline (system state BEFORE installation).
2. Install the test app, launch it, and grant all permissions.
3. Take a screenshot of ground truth (state AFTER installation).
   mkdir -p ~/uninstall-audit/baseline
   OUT=~/uninstall-audit/baseline
   touch “$OUT/BEFORE_INSTALL.marker”
   pkgutil --pkgs | sort > “$OUT/pkgutil_pkgs.txt”
   ls -1 ~/Library/LaunchAgents 2>/dev/null | sort > “$OUT/user_launchagents.txt”
   sudo ls -1 /Library/LaunchAgents 2>/dev/null | sort > “$OUT/lib_launchagents.txt”
   sudo ls -1 /Library/LaunchDaemons 2>/dev/null | sort > “$OUT/lib_launchdaemons.txt”
   sudo ls -1 /Library/PrivilegedHelperTools 2>/dev/null | sort > “$OUT/privileged_helpers.txt”
   ls -1 ~/Library/Containers 2>/dev/null | sort > “$OUT/containers.txt”
   ls -1 ~/Library/Group\ Containers 2>/dev/null | sort > “$OUT/group_containers.txt”

   Copy

4. Install the test app, launch it, grant all permissions.
5. Take a screenshot of ground truth (state AFTER installation):
   mkdir -p ~/uninstall-audit/after
   OUT=~/uninstall-audit/after
   pkgutil --pkgs | sort > “$OUT/pkgutil_pkgs.txt”
   ls -1 ~/Library/LaunchAgents 2>/dev/null | sort > “$OUT/user_launchagents.txt”
   sudo ls -1 /Library/LaunchAgents 2>/dev/null | sort > “$OUT/lib_launchagents.txt”
   sudo ls -1 /Library/LaunchDaemons 2>/dev/null | sort > “$OUT/lib_launchdaemons.txt”
   sudo ls -1 /Library/PrivilegedHelperTools 2>/dev/null | sort > “$OUT/privileged_helpers.txt”
   ls -1 ~/Library/Containers 2>/dev/null | sort > “$OUT/containers.txt”
   ls -1 ~/Library/Group\ Containers 2>/dev/null | sort > “$OUT/group_containers.txt”
   
   # Calculate the difference:
   BASE=~/uninstall-audit/baseline
   AFTER=~/uninstall-audit/after
   GT=~/uninstall-audit/ground_truth
   mkdir -p “$GT”
   comm -13 “$BASE/pkgutil_pkgs.txt” “$AFTER/pkgutil_pkgs.txt” > “$GT/new_receipts.txt”
   comm -13 “$BASE/user_launchagents.txt” “$AFTER/user_launchagents.txt” > “$GT/new_user_la.txt”
   comm -13 “$BASE/lib_launchagents.txt” “$AFTER/lib_launchagents.txt” > “$GT/new_lib_la.txt”
   comm -13 “$BASE/lib_launchdaemons.txt” “$AFTER/lib_launchdaemons.txt” > “$GT/new_lib_ld.txt”
   comm -13 “$BASE/privileged_helpers.txt” “$AFTER/privileged_helpers.txt” > “$GT/new_helpers.txt”
   comm -13 “$BASE/containers.txt” “$AFTER/containers.txt” > “$GT/new_containers.txt”
   comm -13 “$BASE/group_containers.txt” “$AFTER/group_containers.txt” > “$GT/new_gcontainers.txt”
   # By time marker (files not in the lists):
   MARK=”$BASE/BEFORE_INSTALL.marker”
   find ~/Library/Application\ Support -newer “$MARK” 2>/dev/null > “$GT/changed_appsupport.txt”
   find ~/Library/Preferences -newer “$MARK” 2>/dev/null > “$GT/changed_prefs.txt”
   find ~/Library/Caches -newer “$MARK” 2>/dev/null > “$GT/changed_caches.txt”

   Copy

Before the main tests, set up traps to check for false positives:

• Trap A “Naive name search”: Create ~/Documents/[AppName]/ with pdf, jpg, and DO_NOT_DELETE.txt files
• Trap B “Vendor name”: Create ~/Documents/[VendorName]/ and fill it with files
• Trap C “Exports and backups”: Create in ~/Documents: [AppName]-export-2026.zip, [AppName]-backup.json
• Trap D “Shared folder”: Install 2 apps from the same vendor
• Trap E “Same name”: Install two apps with the same name but different bundle IDs

Alternative: minimum set for a quick check

If you are short on time for the full protocol, use a short set of 4 tests:

Set-up for Trap A:

~/Documents/
└── [AppName]/
    ├── report-2026.pdf
    ├── photo.jpg
    └── DO_NOT_DELETE.txt

Expected results:

The set covers criteria: 1.1, 1.2, 1.5, 1.6, 1.8, 1.9, 2.1, 2.4, 2.8

The set does NOT cover (key L1 gaps):

For a complete evaluation, use all 9 classes.

Why it matters: The uninstaller must not suggest removing files that don’t belong to the app. A mistake here means losing user data.

1. Run the uninstallation of a class 1 test app (simple .app).
2. Review the list of suggested files.
3. For each file, check: does it relate to the app being removed (by bundle ID, path)?
4. Compare what’s suggested against ground truth.
5. Check traps A, B, C.
6. Repeat for classes 3, 5, 8.

Why it matters: User documents must not be removed without explicit consent.

1. Use Trap A: ~/Documents/[AppName]/, ~/Desktop/[AppName]/, ~/Downloads/[AppName] files.
2. Proceed with uninstalling this app.
3. Check: does the uninstaller suggest removing these folders/files?
4. If it does, are they pre-selected by default?

Why it matters: Removing a shared folder will break other apps from the same vendor.

1. Use Trap D: 2 apps from the same vendor.
2. Remove only one via the uninstaller.
3. Check: does it suggest removing the shared vendor folder?

Why it matters: A root helper left behind is a process with full privileges running without its app.

1. Pick a class 6 app (with Privileged Helper)
2. Before removal:

   sudo ls /Library/PrivilegedHelperTools/

   Copy

   and

   sudo launchctl list | grep [vendor]

   Copy

3. Remove the app
4. Run the commands again, is the helper gone? Is the service unloaded?

Why it matters: If the binary is deleted but the plist remains, launchd will endlessly try to launch the process.

1. Pick a class 5 app (with LaunchAgent/Daemon).
2. Before removal, take a screenshot of all plists and binaries.
3. Remove via the uninstaller.
4. Check: for each plist, is the binary removed? And vice versa.

5. launchctl list | grep [bundle_id]

   Copy

   - should return nothing.

pkgutil --forget

1. Pick a class 3 or 4 app (PKG installer).
2. Before removal:

   pkgutil --pkgs | grep [vendor]

   Copy

   and

   pkgutil --files [package-id]

   Copy

3. Remove via the uninstaller.
4. Check: are the files from the receipt removed? Is the receipt forgotten?

Why it matters: A VPN profile still active after “uninstalling” the client is a privacy violation.

1. Pick a class 7 app (VPN or Firewall).
2. Before removal: System Settings → VPN & Network, Login Items & Extensions.
3. Remove via the uninstaller.
4. Check: are profiles and extensions removed, or is a warning shown?

Why it matters: An accidental click should not lead to removal.

1. Select any app for removal.
2. Click the remove button.
3. Does a confirmation dialog appear?

Why it matters: The uninstaller must not crash, including when it runs into permission errors.

1. Uninstall apps from all tested classes one after another.
2. Check whether there is any crash or freeze.
3. Try running without Full Disk Access.

Why it matters: The more real artifacts the uninstaller finds, the less junk remains in the system. Recall below 90% means a significant portion of files will remain.

1. Uninstall class 1, 2, 3 apps via the uninstaller.
2. For each app, compare the suggested list against the ground truth.
3. Calculate: Recall = found/ground truth × 100%.
4. Check standard paths: Application Support, Preferences, Caches, Containers, Logs.

Why it matters: LaunchAgents and LaunchDaemons are an app’s background processes. If you don’t remove them, they will keep running and consuming resources.

1. Use a class 5 app.
2. Before removal, take a screenshot of the plist and binary paths.
3. Check: does it show user-level and system-level?

Why it matters: Root helpers in /Library/PrivilegedHelperTools run with admin privileges. The uninstaller should at least show them.

1. Use a class 6 app.
2. Before removal:

   sudo ls /Library/PrivilegedHelperTools/

   Copy

3. Run the uninstaller, does it show the helper in the list?

Why it matters: Apps installed via .pkg scatter files across /Library. Without pkgutil, these files are invisible.

1. Use a class 3 or 4 app.
2. Before removal:

   pkgutil --pkgs | grep [vendor]

   Copy

3. Check: does it find files from the receipt?

Why it matters: Some apps install extensions in Safari or Chrome. Leftover extensions can affect browser privacy and performance.

1. Install an app with a Safari or Chrome extension.
2. Run the uninstaller.
3. Check: does it show the extension in the list?

Why it matters: Login Items and Background Items launch at every login. If you don’t remove them, the app “comes back to life” every time you log in.

1. Use an app with login items.
2. Before removal: System Settings → General → Login Items & Extensions.
3. Check: does it show login items in the list?

Why it matters: If you delete files of a running process, you can end up with a broken system state. The right sequence: stop the service first, then delete the files.

1. Uninstall a class 5 app.
2. Before removal:

   launchctl list | grep [bundle_id]

   Copy

3. Watch: does it unload/stop before deleting?
4. After removal:

   launchctl list | grep [bundle_id]

   Copy

   - Is it empty?

Why it matters: You should see the full list of files BEFORE removal and be able to uncheck anything you don’t want removed.

1. Select an app for removal.
2. Is a full file list shown?
3. Can you view each file (path, size)?
4. Can you check/uncheck items?

Why it matters: Moving to Trash gives you a chance to recover. Permanent removal is dangerous, you can’t undo a mistake.

1. Uninstall an app via the uninstaller.
2. Open Trash, are the files there?
3. Is there a choice between “Trash” and “permanently”?

Why it matters: Even when removing to Trash, an undo button in the uninstaller is more convenient, it restores files to their original locations rather than just pulling them out of Trash into a single folder.

1. Uninstall an app.
2. Is there an undo/restore button?
3. Does the restore work correctly?

Why it matters: App Store apps store their data in ~/Library/Containers and ~/Library/Group Containers. If the uninstaller doesn’t know about these paths, it’ll miss most of the data.

1. Uninstall a class 2 app (App Store sandbox).
2. Does it find ~/Library/Containers/[bundle-id]?
3. Does it find ~/Library/Group Containers/?

Why it matters: The user may have already deleted the .app manually (moved it to Trash), but the leftovers in Library remain. A good uninstaller should be able to find these remaining files.

1. Delete the .app manually (to Trash).
2. Run the uninstaller.
3. Does it find the leftovers? Does it offer to remove them?

Why it matters: Without Full Disk Access (FDA), the uninstaller can’t remove some files. It should make the situation clear, not crash or silently skip.

1. Revoke Full Disk Access.
2. Try to uninstall an app with files in protected paths.
3. Crash? Clear message? Does it keep working?

Why it matters: If the uninstaller can’t remove a file (password required, SIP protection), it should show this and explain why so you can remove it manually.

1. There should be files requiring a password or manual action.
2. Does it display them separately?
3. Does it explain why it can’t remove them and what to do?

Why it matters: You should understand WHY a file is considered linked to the app. “Because the name is similar” is a bad answer. “Because the bundle ID matches” is a good one.

1. Open the list of files to be removed.
2. Can you see a reason why each file relates to the app?
3. Does it use bundle ID, pkg receipt, or path as evidence?

Why it matters: Caches and preferences are safe to remove. But user documents (exports, projects) are not. The uninstaller should separate these categories.

1. Select an app with user data.
2. Is there a separate section for user data?
3. Is user data NOT pre-selected by default?

Why it matters: Two apps can have the same name (e.g., “Notes”) but different bundle IDs. The uninstaller should tell them apart by ID, not by name.

1. Use Trap E: two apps with the same name, different bundle IDs.
2. Uninstall one of them.
3. Does it leave other files untouched?

Why it matters: Nobody wants to wait a minute for each app. Scanning should take seconds, not minutes.

1. Cold start:

   sudo purge && sleep 30

   Copy

2. Run a scan of a single app, time it.
3. Repeat steps 1–2 twice more (3 runs total).
4. Make a note of the median. Dispersion: (max − min)/median ≤ 15%

Why it matters: The “scans for free, charges for removal” trap is a common trick. You should know about the limitations BEFORE the tool spends time scanning.

1. On first launch: are the free version’s limitations clear?
2. Is the price visible before purchase?
3. No trap without warning?

Why it matters: Some apps create symbolic links in /usr/local/bin or Homebrew paths. If you don’t remove them, broken links remain and can interfere with other tools.

1. Use an app with CLI tools.
2. Run the uninstaller.
3. Does it find the links?

Turn on macOS dark mode (System Settings → Appearance → Dark). Does the uninstaller switch?

Turn on VoiceOver (Cmd+F5). Try navigating: menu, app list, and the remove button.

System Settings → General → Language & Region. Switch the language. Does it support 5+ languages?

On first launch: are there tutorial screens? Do they explain how to use it and what permissions are needed?

Help menu or support button. Is there built-in help, FAQ, or a link to support?

When removing risky items (shared folder, system extension), does the warning describe the risk? Recommend an action?

Is there a removal history? Can you see what was removed yesterday/last week?

Can you export scan or removal results to a file (CSV, PDF, text)?

Is there a “reset to factory settings” feature, removing preferences and caches without uninstalling the app itself?

After removal, does the uninstaller check what’s left? Does it warn about critical leftovers (helpers, daemons)?

Does it find Keychain entries linked to the app? Does it offer to remove them with an explicit choice (opt-in)?

If the app installs a menu bar agent or input method, does the uninstaller find these components?

For apps with network extensions (VPN, firewall) or KEXT, does the uninstaller show them? Does it provide removal instructions?

Is there a search or filter field in the list of found files?

Can you sort the found files by size, type, and location?

Close the uninstaller after scanning. Open it again. Are the results still there?

Drag the .app from Finder into the uninstaller window. Does it trigger removal?

When an error occurs (no permissions, file locked), does it show advice on how to fix the problem?

Install a network monitor (Little Snitch, FireWally, or similar). Run the uninstaller, perform a typical scenario. Does it send data to external servers without the user’s knowledge (besides checking for updates)? Did it install third-party software during installation?