Parent page of this data file: https://divinity-in-action.com/articles/pegasusspyware/macbooks/ Spyware Found on Irina Bright’s MacBooks, Which May Be Related to Pegasus Spyware. File name: Google_Chrome_Helper_2018-02-16-104533_Irinas-MacBook-Pro.wakeups_resource.diag Downloaded from: McBook > Library_Logs_DiagnosticReports. Date/Time: 2018-02-16 10:41:27.535167 +0000 OS Version: Mac OS X 10.13.3 (Build 17D47) Architecture: x86_64 Report Version: 19 Command: Google Chrome Helper Path: /Applications/Google Chrome.app/Contents/Versions/63.0.3239.132/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper Version: 63.0.3239.132 (3239.132) Parent: Google Chrome [455] Responsible: Google Chrome [455] PID: 24044 Event: wakeups Wakeups: 45002 wakeups over the last 242 seconds (186 wakeups per second average), exceeding limit of 150 wakeups per second over 300 seconds Action taken: none Duration: 241.84s Steps: 89 Hardware model: MacBookPro9,2 Active cpus: 4 Fan speed: 1976 rpm Powerstats for: Google Chrome He [24044] UUID: 7F43B4AF-3D3B-3B68-8678-CECC17444D5F Start time: 2018-02-16 10:41:31 +0000 End time: 2018-02-16 10:45:26 +0000 Microstackshots: 89 samples (100%) Primary state: 42 samples Non-Frontmost App, Kernel mode, Effective Thread QoS Unspecified, Requested Thread QoS Unspecified, Override Thread QoS Unspecified User Activity: 0 samples Idle, 89 samples Active Power Source: 0 samples on Battery, 89 samples on AC 68 _pthread_start + 377 (libsystem_pthread.dylib) [0x7fff6827c56d] 68 _pthread_body + 340 (libsystem_pthread.dylib) [0x7fff6827c6c1] 68 ??? (Google Chrome Framework + 30083687) [0x101f9ea67] 68 ??? (Google Chrome Framework + 30105771) [0x101fa40ab] 68 ??? (Google Chrome Framework + 29902004) [0x101f724b4] 67 ??? (Google Chrome Framework + 29759214) [0x101f4f6ee] 67 ??? (Google Chrome Framework + 29763167) [0x101f5065f] 67 CFRunLoopRunSpecific + 487 (CoreFoundation) [0x7fff4063f787] 44 __CFRunLoopRun + 1783 (CoreFoundation) [0x7fff40640117] 43 __CFRunLoopServiceMachPort + 341 (CoreFoundation) [0x7fff40640dc5] 43 mach_msg_trap + 10 (libsystem_kernel.dylib) [0x7fff681377c2] 2 1 kdebug_is_enabled + 76 (libsystem_kernel.dylib) [0x7fff6813ca5d] 1 14 __CFRunLoopRun + 1293 (CoreFoundation) [0x7fff4063ff2d] 14 __CFRunLoopDoSources0 + 208 (CoreFoundation) [0x7fff40640ab0] 14 __CFRunLoopDoSource0 + 108 (CoreFoundation) [0x7fff4071526c] 14 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 17 (CoreFoundation) [0x7fff4065da21] 13 ??? (Google Chrome Framework + 29760463) [0x101f4fbcf] 13 ??? (Google Chrome Framework + 29701178) [0x101f4143a] 7 ??? (Google Chrome Framework + 29762243) [0x101f502c3] 5 ??? (Google Chrome Framework + 29754772) [0x101f4e594] 5 ??? (Google Chrome Framework + 29753156) [0x101f4df44] 5 ??? (Google Chrome Framework + 29602428) [0x101f2927c] 3 ??? (Google Chrome Framework + 1592108) [0x100472b2c] 3 ??? (Google Chrome Framework + 1693464) [0x10048b718] 3 ??? (Google Chrome Framework + 94983230) [0x105d8343e] 3 ??? (Google Chrome Framework + 76008550) [0x104b6ac66] 3 ??? (Google Chrome Framework + 76009118) [0x104b6ae9e] 3 ??? (Google Chrome Framework + 92462907) [0x105b1bf3b] 3 ??? (Google Chrome Framework + 92606548) [0x105b3f054] 2 ??? (Google Chrome Framework + 92469890) [0x105b1da82] 2 ??? (Google Chrome Framework + 92506239) [0x105b2687f] 2 ??? (Google Chrome Framework + 92527012) [0x105b2b9a4] 2 pthread_mutex_trylock + 99 (libsystem_pthread.dylib) [0x7fff6827d012] 2 1 ??? (Google Chrome Framework + 92469848) [0x105b1da58] 1 ??? (Google Chrome Framework + 92506302) [0x105b268be] 1 2 ??? (Google Chrome Framework + 1592306) [0x100472bf2] 2 ??? (Google Chrome Framework + 29756383) [0x101f4ebdf] 2 ??? (Google Chrome Framework + 29742815) [0x101f4b6df] 2 ??? (Google Chrome Framework + 29742951) [0x101f4b767] 2 CFRunLoopWakeUp + 283 (CoreFoundation) [0x7fff4062e78b] 2 mach_msg_trap + 10 (libsystem_kernel.dylib) [0x7fff681377c2] 1 2 ??? (Google Chrome Framework + 29754513) [0x101f4e491] 2 ??? (Google Chrome Framework + 29745329) [0x101f4c0b1] 2 ??? (Google Chrome Framework + 1473554) [0x100455c12] 2 ??? (Google Chrome Framework + 29741856) [0x101f4b320] 2 4 ??? (Google Chrome Framework + 29762218) [0x101f502aa] 3 ??? (Google Chrome Framework + 29754218) [0x101f4e36a] 3 ??? (Google Chrome Framework + 29759447) [0x101f4f7d7] 3 CFRunLoopTimerSetNextFireDate + 537 (CoreFoundation) [0x7fff40654019] 3 __CFRepositionTimerInMode + 135 (CoreFoundation) [0x7fff406148d7] 3 __CFArmNextTimerInMode + 612 (CoreFoundation) [0x7fff40614d84] 3 1 ??? (Google Chrome Framework + 29754425) [0x101f4e439] 1 ??? (Google Chrome Framework + 29753156) [0x101f4df44] 1 ??? (Google Chrome Framework + 29602428) [0x101f2927c] 1 ??? (Google Chrome Framework + 24440370) [0x101a3ce32] 1 ??? (Google Chrome Framework + 24448482) [0x101a3ede2] 1 ??? (Google Chrome Framework + 29602428) [0x101f2927c] 1 ??? (Google Chrome Framework + 44871253) [0x102db8e55] 1 ??? (Google Chrome Framework + 44872398) [0x102db92ce] 1 ??? (Google Chrome Framework + 44863489) [0x102db7001] 1 1 ??? (Google Chrome Framework + 29762205) [0x101f5029d] 1 +[NSAutoreleasePool allocWithZone:] + 32 (Foundation) [0x7fff4270f057] 1 1 ??? (Google Chrome Framework + 29762310) [0x101f50306] 1 -[NSAutoreleasePool drain] + 144 (Foundation) [0x7fff427204f5] 1 objc_autoreleasePoolPop + 5 (libobjc.A.dylib) [0x7fff673f9d16] 1 1 ??? (Google Chrome Framework + 29760467) [0x101f4fbd3] 1 6 __CFRunLoopRun + 2427 (CoreFoundation) [0x7fff4064039b] 2 __CFRunLoopDoTimers + 144 (CoreFoundation) [0x7fff40648b00] 1 -[__NSCFArray objectAtIndex:] + 53 (CoreFoundation) [0x7fff40656b75] 1 _CFArrayCheckAndGetValueAtIndex + 102 (CoreFoundation) [0x7fff40656c26] 1 1 -[__NSCFArray objectAtIndex:] + 29 (CoreFoundation) [0x7fff40656b5d] 1 2 __CFRunLoopDoTimers + 215 (CoreFoundation) [0x7fff40648b47] 1 -[__NSArrayM insertObject:atIndex:] + 284 (CoreFoundation) [0x7fff405e5e9c] 1 malloc_set_zone_name + 219 (libsystem_malloc.dylib) [0x7fff6819919a] 1 1 -[__NSArrayM insertObject:atIndex:] + 270 (CoreFoundation) [0x7fff405e5e8e] 1 2 __CFRunLoopDoTimers + 201 (CoreFoundation) [0x7fff40648b39] 2 CFArrayCreateMutable + 126 (CoreFoundation) [0x7fff405e1c6e] 2 2 pthread_mutex_lock + 7 (libsystem_pthread.dylib) [0x7fff6827a3dc] 2 1 __CFRunLoopRun + 1267 (CoreFoundation) [0x7fff4063ff13] 1 __CFRunLoopDoObservers + 511 (CoreFoundation) [0x7fff4065d34f] 1 ??? (Google Chrome Framework + 29760721) [0x101f4fcd1] 1 1 ??? (Google Chrome Framework + 29758748) [0x101f4f51c] 1 ??? (Google Chrome Framework + 30321937) [0x101fd8d11] 1 21 main + 1788 (Google Chrome Helper) [0x1002cc47c] 21 ChromeMain + 175 (Google Chrome Framework) [0x1002f166f] 21 ??? (Google Chrome Framework + 25556324) [0x101b4d564] 21 ??? (Google Chrome Framework + 50707178) [0x103349aea] 21 ??? (Google Chrome Framework + 25558970) [0x101b4dfba] 21 ??? (Google Chrome Framework + 95480227) [0x105dfc9a3] 21 ??? (Google Chrome Framework + 29902004) [0x101f724b4] 21 ??? (Google Chrome Framework + 29759214) [0x101f4f6ee] 21 ??? (Google Chrome Framework + 29763854) [0x101f5090e] 21 -[NSRunLoop(NSRunLoop) runMode:beforeDate:] + 277 (Foundation) [0x7fff4272bc16] 21 CFRunLoopRunSpecific + 487 (CoreFoundation) [0x7fff4063f787] 15 __CFRunLoopRun + 1293 (CoreFoundation) [0x7fff4063ff2d] 15 __CFRunLoopDoSources0 + 208 (CoreFoundation) [0x7fff40640ab0] 15 __CFRunLoopDoSource0 + 108 (CoreFoundation) [0x7fff4071526c] 15 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 17 (CoreFoundation) [0x7fff4065da21] 15 ??? (Google Chrome Framework + 29760463) [0x101f4fbcf] 15 ??? (Google Chrome Framework + 29701178) [0x101f4143a] 10 ??? (Google Chrome Framework + 29762243) [0x101f502c3] 10 ??? (Google Chrome Framework + 29754772) [0x101f4e594] 10 ??? (Google Chrome Framework + 29753156) [0x101f4df44] 10 ??? (Google Chrome Framework + 29602428) [0x101f2927c] 9 ??? (Google Chrome Framework + 24440370) [0x101a3ce32] 7 ??? (Google Chrome Framework + 24448482) [0x101a3ede2] 7 ??? (Google Chrome Framework + 29602428) [0x101f2927c] 3 ??? (Google Chrome Framework + 45377771) [0x102e348eb] 2 ??? (Google Chrome Framework + 45381175) [0x102e35637] 2 ??? (Google Chrome Framework + 94781105) [0x105d51eb1] 2 ??? (Google Chrome Framework + 81491593) [0x1050a5689] 2 ??? (Google Chrome Framework + 86317374) [0x10553f93e] 2 ??? (Google Chrome Framework + 80378633) [0x104f95b09] 2 ??? (Google Chrome Framework + 80135084) [0x104f5a3ac] 2 ??? (Google Chrome Framework + 74013084) [0x10498399c] 2 ??? (Google Chrome Framework + 73628105) [0x1049259c9] 2 ??? (Google Chrome Framework + 16362287) [0x101288b2f] 2 ??? (Google Chrome Framework + 19376572) [0x1015689bc] 2 ??? (Google Chrome Framework + 19377143) [0x101568bf7] 2 ??? [0x38f5cfe040ff] 2 ??? [0x38f5cfe59db9] 2 ??? [0x38f5cfe5b610] 2 ??? [0x38f5cfe553ff] 2 ??? [0x38f5cfe5b610] 2 ??? [0x38f5cfe553ff] 2 ??? [0x38f5cfe5b610] 2 ??? [0x38f5cfe5b610] 2 ??? [0x38f5cfe5b610] 2 ??? [0x38f5cfe5b610] 2 ??? [0x38f5cfe5b610] 2 ??? [0x38f5cfe5b610] 2 ??? [0x38f5cfe236dd] 2 ??? [0x38f5cfe0469d] 2 ??? (Google Chrome Framework + 21972011) [0x1017e242b] 2 ??? (Google Chrome Framework + 20558404) [0x101689244] 2 ??? (Google Chrome Framework + 20565174) [0x10168acb6] 2 ??? (Google Chrome Framework + 19217793) [0x101541d81] 2 1 ??? (Google Chrome Framework + 45381229) [0x102e3566d] 1 ??? (Google Chrome Framework + 95412609) [0x105dec181] 1 ??? (Google Chrome Framework + 81482166) [0x1050a31b6] 1 ??? (Google Chrome Framework + 86318046) [0x10553fbde] 1 ??? (Google Chrome Framework + 81747332) [0x1050e3d84] 1 ??? (Google Chrome Framework + 81750309) [0x1050e4925] 1 ??? (Google Chrome Framework + 81756280) [0x1050e6078] 1 ??? (Google Chrome Framework + 81755811) [0x1050e5ea3] 1 ??? (Google Chrome Framework + 79873701) [0x104f1a6a5] 1 3 ??? (Google Chrome Framework + 75958558) [0x104b5e91e] 3 ??? (Google Chrome Framework + 75957506) [0x104b5e502] 3 ??? (Google Chrome Framework + 24420415) [0x101a3803f] 3 ??? (Google Chrome Framework + 24423930) [0x101a38dfa] 2 ??? (Google Chrome Framework + 24424549) [0x101a39065] 2 ??? (Google Chrome Framework + 24419898) [0x101a37e3a] 2 ??? (Google Chrome Framework + 29855869) [0x101f6707d] 2 1 ??? (Google Chrome Framework + 24424592) [0x101a39090] 1 ??? (Google Chrome Framework + 24425573) [0x101a39465] 1 ??? (Google Chrome Framework + 24426038) [0x101a39636] 1 1 ??? (Google Chrome Framework + 75958577) [0x104b5e931] 1 ??? (Google Chrome Framework + 81560085) [0x1050b6215] 1 ??? (Google Chrome Framework + 73507250) [0x1049081b2] 1 ??? (Google Chrome Framework + 73628105) [0x1049259c9] 1 ??? (Google Chrome Framework + 16362287) [0x101288b2f] 1 ??? (Google Chrome Framework + 19376572) [0x1015689bc] 1 ??? (Google Chrome Framework + 19377143) [0x101568bf7] 1 ??? [0x38f5cfe040ff] 1 ??? [0x38f5cfe59db9] 1 ??? [0x38f5cfe5b610] 1 ??? [0x38f5cfe1c782] 1 1 ??? (Google Chrome Framework + 76187712) [0x104b96840] 1 1 ??? (Google Chrome Framework + 24449409) [0x101a3f181] 1 ??? (Google Chrome Framework + 40780705) [0x1029d23a1] 1 1 ??? (Google Chrome Framework + 24440677) [0x101a3cf65] 1 ??? (Google Chrome Framework + 24451303) [0x101a3f8e7] 1 ??? (Google Chrome Framework + 24482540) [0x101a472ec] 1 ??? (Google Chrome Framework + 29756383) [0x101f4ebdf] 1 ??? (Google Chrome Framework + 29742815) [0x101f4b6df] 1 ??? (Google Chrome Framework + 29742951) [0x101f4b767] 1 CFRunLoopWakeUp + 283 (CoreFoundation) [0x7fff4062e78b] 1 mach_msg_trap + 10 (libsystem_kernel.dylib) [0x7fff681377c2] 1 5 ??? (Google Chrome Framework + 29762218) [0x101f502aa] 5 ??? (Google Chrome Framework + 29754425) [0x101f4e439] 5 ??? (Google Chrome Framework + 29753156) [0x101f4df44] 5 ??? (Google Chrome Framework + 29602428) [0x101f2927c] 5 ??? (Google Chrome Framework + 24440370) [0x101a3ce32] 5 ??? (Google Chrome Framework + 24448482) [0x101a3ede2] 5 ??? (Google Chrome Framework + 29602428) [0x101f2927c] 2 ??? (Google Chrome Framework + 80367260) [0x104f92e9c] 2 ??? (Google Chrome Framework + 80370181) [0x104f93a05] 2 ??? (Google Chrome Framework + 80360601) [0x104f91499] 2 ??? (Google Chrome Framework + 80359921) [0x104f911f1] 2 ??? (Google Chrome Framework + 80360502) [0x104f91436] 2 ??? (Google Chrome Framework + 73512366) [0x1049095ae] 2 ??? (Google Chrome Framework + 73512037) [0x104909465] 2 ??? (Google Chrome Framework + 73509658) [0x104908b1a] 2 ??? (Google Chrome Framework + 73619939) [0x1049239e3] 2 ??? (Google Chrome Framework + 73621398) [0x104923f96] 2 ??? (Google Chrome Framework + 73631237) [0x104926605] 2 ??? (Google Chrome Framework + 73630428) [0x1049262dc] 2 ??? (Google Chrome Framework + 16299707) [0x1012796bb] 2 ??? (Google Chrome Framework + 17231617) [0x10135cf01] 2 ??? (Google Chrome Framework + 17224556) [0x10135b36c] 2 ??? (Google Chrome Framework + 16593985) [0x1012c1441] 2 ??? (Google Chrome Framework + 20945743) [0x1016e7b4f] 2 ??? (Google Chrome Framework + 20900333) [0x1016dc9ed] 2 2 ??? (Google Chrome Framework + 45377771) [0x102e348eb] 1 ??? (Google Chrome Framework + 45381175) [0x102e35637] 1 ??? (Google Chrome Framework + 94781105) [0x105d51eb1] 1 ??? (Google Chrome Framework + 81491593) [0x1050a5689] 1 ??? (Google Chrome Framework + 86317374) [0x10553f93e] 1 ??? (Google Chrome Framework + 80378633) [0x104f95b09] 1 ??? (Google Chrome Framework + 80135084) [0x104f5a3ac] 1 ??? (Google Chrome Framework + 74013084) [0x10498399c] 1 ??? (Google Chrome Framework + 73628105) [0x1049259c9] 1 ??? (Google Chrome Framework + 16362287) [0x101288b2f] 1 ??? (Google Chrome Framework + 19376572) [0x1015689bc] 1 ??? (Google Chrome Framework + 19377143) [0x101568bf7] 1 ??? [0x38f5cfe040ff] 1 ??? [0x38f5cfe59db9] 1 ??? [0x38f5cfe5b610] 1 ??? [0x38f5cfe5b610] 1 ??? [0x38f5cfe123eb] 1 ??? [0x38f5cfe0469d] 1 ??? (Google Chrome Framework + 20221692) [0x101636efc] 1 ??? (Google Chrome Framework + 22153927) [0x10180eac7] 1 ??? (Google Chrome Framework + 20798646) [0x1016c3cb6] 1 ??? (Google Chrome Framework + 20798993) [0x1016c3e11] 1 ??? (Google Chrome Framework + 20743050) [0x1016b638a] 1 ??? (Google Chrome Framework + 20234758) [0x10163a206] 1 ??? (Google Chrome Framework + 74216362) [0x1049b53aa] 1 ??? (Google Chrome Framework + 73429357) [0x1048f516d] 1 ??? (Google Chrome Framework + 79027011) [0x104e4bb43] 1 ??? (Google Chrome Framework + 79179674) [0x104e70f9a] 1 ??? (Google Chrome Framework + 79280441) [0x104e89939] 1 ??? (Google Chrome Framework + 79305926) [0x104e8fcc6] 1 ??? (Google Chrome Framework + 79346915) [0x104e99ce3] 1 ??? (Google Chrome Framework + 79350175) [0x104e9a99f] 1 ??? (Google Chrome Framework + 79372680) [0x104ea0188] 1 1 ??? (Google Chrome Framework + 45381229) [0x102e3566d] 1 ??? (Google Chrome Framework + 95412609) [0x105dec181] 1 ??? (Google Chrome Framework + 81482166) [0x1050a31b6] 1 ??? (Google Chrome Framework + 86318046) [0x10553fbde] 1 ??? (Google Chrome Framework + 81747696) [0x1050e3ef0] 1 ??? (Google Chrome Framework + 81751055) [0x1050e4c0f] 1 ??? (Google Chrome Framework + 86801565) [0x1055b5c9d] 1 ??? (Google Chrome Framework + 86801925) [0x1055b5e05] 1 ??? (Google Chrome Framework + 86803926) [0x1055b65d6] 1 1 ??? (Google Chrome Framework + 24484898) [0x101a47c22] 1 ??? (Google Chrome Framework + 24483601) [0x101a47711] 1 ??? (Google Chrome Framework + 24486415) [0x101a4820f] 1 ??? (Google Chrome Framework + 24485928) [0x101a48028] 1 ??? (Google Chrome Framework + 75964248) [0x104b5ff58] 1 ??? (Google Chrome Framework + 24174021) [0x1019fbdc5] 1 ??? (Google Chrome Framework + 24143753) [0x1019f4789] 1 ??? (Google Chrome Framework + 24151733) [0x1019f66b5] 1 2 __CFRunLoopRun + 1783 (CoreFoundation) [0x7fff40640117] 2 __CFRunLoopServiceMachPort + 341 (CoreFoundation) [0x7fff40640dc5] 2 mach_msg_trap + 10 (libsystem_kernel.dylib) [0x7fff681377c2] 2 2 __CFRunLoopRun + 2427 (CoreFoundation) [0x7fff4064039b] 2 __CFRunLoopDoTimers + 346 (CoreFoundation) [0x7fff40648bca] 2 __CFRunLoopDoTimer + 380 (CoreFoundation) [0x7fff40648dfc] 2 mk_timer_cancel + 10 (libsystem_kernel.dylib) [0x7fff68137942] 2 2 __CFRunLoopRun + 1542 (CoreFoundation) [0x7fff40640026] 2 _kernelrpc_mach_port_insert_member_trap + 10 (libsystem_kernel.dylib) [0x7fff68137762] 2 Binary Images: 0x1002cb000 - 0x1002d7ff7 com.google.Chrome.helper 63.0.3239.132 (3239.132) <7F43B4AF-3D3B-3B68-8678-CECC17444D5F> /Applications/Google Chrome.app/Contents/Versions/63.0.3239.132/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper 0x1002ee000 - 0x106e7bf87 com.google.Chrome.framework 63.0.3239.132 (3239.132) /Applications/Google Chrome.app/Contents/Versions/63.0.3239.132/Google Chrome Framework.framework/Versions/A/Google Chrome Framework 0x7fff405be000 - 0x7fff40a57fff com.apple.CoreFoundation 6.9 (1451) <739D6558-3DF3-3181-AA07-BBE3882D3B7F> /System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation 0x7fff4270b000 - 0x7fff42ad0fff com.apple.Foundation 6.9 (1451) /System/Library/Frameworks/Foundation.framework/Versions/C/Foundation 0x7fff673f0000 - 0x7fff677e13b7 libobjc.A.dylib (723) <37A7D77E-952C-3F5D-970B-3CDE349B2322> /usr/lib/libobjc.A.dylib 0x7fff68125000 - 0x7fff6814aff7 libsystem_kernel.dylib (4570.41.2) <5155A4C3-825B-3178-AC51-0D2D2F2A6618> /usr/lib/system/libsystem_kernel.dylib 0x7fff68197000 - 0x7fff681b6fff libsystem_malloc.dylib (140.40.1) <36B22C99-D772-3039-9A4C-AA31389965E1> /usr/lib/system/libsystem_malloc.dylib 0x7fff68279000 - 0x7fff68284fff libsystem_pthread.dylib (301.30.1) /usr/lib/system/libsystem_pthread.dylib