Parent page of this data file: https://divinity-in-action.com/articles/pegasusspyware/macbooks/ Spyware Found on Irina Bright’s MacBooks, Which May Be Related to Pegasus Spyware. File name: Google_Chrome_Helper_2018-02-23-154255_Irinas-MacBook-Pro.wakeups_resource.diag Downloaded from: McBook > Library_Logs_DiagnosticReports. Date/Time: 2018-02-23 15:37:52.758620 +0000 OS Version: Mac OS X 10.13.3 (Build 17D102) Architecture: x86_64 Report Version: 19 Command: Google Chrome Helper Path: /Applications/Google Chrome.app/Contents/Versions/64.0.3282.167/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper Version: 64.0.3282.167 (3282.167) Parent: Google Chrome [688] Responsible: Google Chrome [688] PID: 5279 Event: wakeups Wakeups: 45001 wakeups over the last 279 seconds (161 wakeups per second average), exceeding limit of 150 wakeups per second over 300 seconds Action taken: none Duration: 278.69s Steps: 130 Hardware model: MacBookPro9,2 Active cpus: 4 Fan speed: 1998 rpm Powerstats for: Google Chrome He [5279] UUID: 2E6F17DF-BCE7-3217-AD28-F044D11AC430 Start time: 2018-02-23 15:38:15 +0000 End time: 2018-02-23 15:42:31 +0000 Microstackshots: 130 samples (100%) Primary state: 76 samples Non-Frontmost App, User mode, Effective Thread QoS Unspecified, Requested Thread QoS Unspecified, Override Thread QoS Unspecified User Activity: 0 samples Idle, 130 samples Active Power Source: 0 samples on Battery, 130 samples on AC 127 _pthread_start + 377 (libsystem_pthread.dylib) [0x7fff543fa56d] 127 _pthread_body + 340 (libsystem_pthread.dylib) [0x7fff543fa6c1] 127 ??? (Google Chrome Framework + 31252583) [0x113abe067] 127 ??? (Google Chrome Framework + 31274827) [0x113ac374b] 127 ??? (Google Chrome Framework + 31070164) [0x113a917d4] 127 ??? (Google Chrome Framework + 30926638) [0x113a6e72e] 127 ??? (Google Chrome Framework + 30930591) [0x113a6f69f] 127 CFRunLoopRunSpecific + 487 (CoreFoundation) [0x7fff2c7bd787] 70 __CFRunLoopRun + 1293 (CoreFoundation) [0x7fff2c7bdf2d] 66 __CFRunLoopDoSources0 + 208 (CoreFoundation) [0x7fff2c7beab0] 59 __CFRunLoopDoSource0 + 108 (CoreFoundation) [0x7fff2c89326c] 59 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 17 (CoreFoundation) [0x7fff2c7dba21] 58 ??? (Google Chrome Framework + 30927887) [0x113a6ec0f] 58 ??? (Google Chrome Framework + 30871098) [0x113a60e3a] 47 ??? (Google Chrome Framework + 30929667) [0x113a6f303] 46 ??? (Google Chrome Framework + 30922276) [0x113a6d624] 39 ??? (Google Chrome Framework + 30920628) [0x113a6cfb4] 26 ??? (Google Chrome Framework + 30771564) [0x113a4896c] 19 ??? (Google Chrome Framework + 1699754) [0x111e8efaa] 19 ??? (Google Chrome Framework + 30923807) [0x113a6dc1f] 19 ??? (Google Chrome Framework + 30910351) [0x113a6a78f] 19 ??? (Google Chrome Framework + 30910487) [0x113a6a817] 15 CFRunLoopWakeUp + 283 (CoreFoundation) [0x7fff2c7ac78b] 15 mach_msg_trap + 10 (libsystem_kernel.dylib) [0x7fff542b57c2] 14 2 pthread_mutex_unlock + 120 (libsystem_pthread.dylib) [0x7fff543f87c0] 2 pthread_mutex_unlock + 7 (libsystem_pthread.dylib) [0x7fff543f874f] 5 ??? (Google Chrome Framework + 1699500) [0x111e8eeac] 5 ??? (Google Chrome Framework + 1801879) [0x111ea7e97] 5 ??? (Google Chrome Framework + 96951742) [0x117965dbe] 3 ??? (Google Chrome Framework + 77556168) [0x1166e69c8] 3 ??? (Google Chrome Framework + 77556734) [0x1166e6bfe] 1 ??? (Google Chrome Framework + 94156849) [0x1176bb831] 1 ??? (Google Chrome Framework + 94345982) [0x1176e9afe] 1 pthread_getspecific + 9 (libsystem_pthread.dylib) [0x7fff543f8a14] 1 ??? (Google Chrome Framework + 94157015) [0x1176bb8d7] 1 _pthread_mutex_unlock_slow + 459 (libsystem_pthread.dylib) [0x7fff543f8990] 1 ??? (Google Chrome Framework + 94156875) [0x1176bb84b] 1 ??? (Google Chrome Framework + 94306244) [0x1176dffc4] 1 ??? (Google Chrome Framework + 94164446) [0x1176bd5de] 1 ??? (Google Chrome Framework + 94200479) [0x1176c629f] 1 pthread_mutex_unlock + 20 (libsystem_pthread.dylib) [0x7fff543f875c] 2 ??? (Google Chrome Framework + 77555842) [0x1166e6882] 1 ??? (Google Chrome Framework + 52587169) [0x114f16aa1] 1 ??? (Google Chrome Framework + 77615977) [0x1166f5369] 2 ??? (Google Chrome Framework + 1699684) [0x111e8ef64] 1 ??? (Google Chrome Framework + 1578168) [0x111e714b8] 1 ??? (Google Chrome Framework + 30909766) [0x113a6a546] 1 ??? (Google Chrome Framework + 30909744) [0x113a6a530] 7 ??? (Google Chrome Framework + 30771572) [0x113a48974] 2 free + 96 (libsystem_malloc.dylib) [0x7fff543186bd] 1 ??? (Google Chrome Framework + 31466873) [0x113af2579] 1 ??? (Google Chrome Framework + 31466871) [0x113af2577] 2 free + 33 (libsystem_malloc.dylib) [0x7fff5431867e] 1 free_tiny + 136 (libsystem_malloc.dylib) [0x7fff5432f068] 1 szone_size + 353 (libsystem_malloc.dylib) [0x7fff543189ca] 1 szone_size + 96 (libsystem_malloc.dylib) [0x7fff543188c9] 2 operator delete(void*) + 3 (libc++abi.dylib) [0x7fff521f96c7] 1 ??? (Google Chrome Framework + 30771567) [0x113a4896f] 1 free_tiny + 1 (libsystem_malloc.dylib) [0x7fff5432efe1] 1 tiny_malloc_from_free_list + 1160 (libsystem_malloc.dylib) [0x7fff5431865d] 1 ??? (Google Chrome Framework + 1578449) [0x111e715d1] 2 ??? (Google Chrome Framework + 30920635) [0x113a6cfbb] 2 ??? (Google Chrome Framework + 30920940) [0x113a6d0ec] 2 ??? (Google Chrome Framework + 25527988) [0x1135486b4] 1 ??? (Google Chrome Framework + 30920994) [0x113a6d122] 1 ??? (Google Chrome Framework + 25528273) [0x1135487d1] 1 ??? (Google Chrome Framework + 30921098) [0x113a6d18a] 1 ??? (Google Chrome Framework + 31024437) [0x113a86535] 9 ??? (Google Chrome Framework + 30929734) [0x113a6f346] 4 +[NSObject release] + 1 (libobjc.A.dylib) [0x7fff5357b6ee] 2 _CFAutoreleasePoolPop + 1 (CoreFoundation) [0x7fff2c77e661] 2 -[NSAutoreleasePool drain] + 144 (Foundation) [0x7fff2e89e4f5] 1 +[Protocol load] + 9 (libobjc.A.dylib) [0x7fff53577d11] 1 _CFAutoreleasePoolPop + 22 (CoreFoundation) [0x7fff2c77e676] 1 (anonymous namespace)::AutoreleasePoolPage::pop(void*) + 30 (libobjc.A.dylib) [0x7fff53577d34] 1 objc_removeAssociatedObjects + 5 (libobjc.A.dylib) [0x7fff5357b6f3] 1 -[NSAutoreleasePool drain] + 1 (Foundation) [0x7fff2e89e466] 1 objc_msgSend + 26 (libobjc.A.dylib) [0x7fff53574e9a] 1 ??? (Google Chrome Framework + 30871099) [0x113a60e3b] 2 __CFRunLoopDoSource0 + 129 (CoreFoundation) [0x7fff2c893281] 2 kdebug_trace + 33 (libsystem_kernel.dylib) [0x7fff542baa7e] 1 kdebug_is_enabled + 6 (libsystem_kernel.dylib) [0x7fff542baa17] 1 kdebug_is_enabled + 21 (libsystem_kernel.dylib) [0x7fff542baa26] 2 kdebug_is_enabled + 76 (libsystem_kernel.dylib) [0x7fff542baa5d] 1 __CFRunLoopDoSource0 + 140 (CoreFoundation) [0x7fff2c89328c] 1 kdebug_trace + 1 (libsystem_kernel.dylib) [0x7fff542baa5e] 1 DYLD-STUB$$issetugid + 6 (CoreFoundation) [0x7fff2c9297f0] 2 CFRelease + 1 (CoreFoundation) [0x7fff2c749641] 1 __CFRunLoopDoSources0 + 127 (CoreFoundation) [0x7fff2c7bea5f] 1 CFSetApplyFunction + 192 (CoreFoundation) [0x7fff2c78d5a0] 1 CFBasicHashApply + 128 (CoreFoundation) [0x7fff2c77a1b0] 1 __CFSetApplyFunction_block_invoke + 18 (CoreFoundation) [0x7fff2c78d602] 1 __CFRunLoopCollectSources0 + 31 (CoreFoundation) [0x7fff2c7bebaf] 1 __CFRunLoopDoSources0 + 333 (CoreFoundation) [0x7fff2c7beb2d] 1 _CFRelease + 193 (CoreFoundation) [0x7fff2c893c61] 39 __CFRunLoopRun + 1783 (CoreFoundation) [0x7fff2c7be117] 33 __CFRunLoopServiceMachPort + 341 (CoreFoundation) [0x7fff2c7bedc5] 33 mach_msg_trap + 10 (libsystem_kernel.dylib) [0x7fff542b57c2] 33 3 kdebug_trace + 1 (libsystem_kernel.dylib) [0x7fff542baa5e] 1 __CFRunLoopServiceMachPort + 286 (CoreFoundation) [0x7fff2c7bed8e] 1 voucher_mach_msg_adopt + 26 (libsystem_kernel.dylib) [0x7fff542a37fe] 1 __CFRunLoopServiceMachPort + 408 (CoreFoundation) [0x7fff2c7bee08] 1 voucher_mach_msg_adopt + 155 (libdispatch.dylib) [0x7fff5413f58a] 12 __CFRunLoopRun + 2427 (CoreFoundation) [0x7fff2c7be39b] 5 __CFRunLoopDoTimers + 346 (CoreFoundation) [0x7fff2c7c6bca] 4 __CFRunLoopDoTimer + 380 (CoreFoundation) [0x7fff2c7c6dfc] 4 mk_timer_cancel + 10 (libsystem_kernel.dylib) [0x7fff542b5942] 4 1 __CFRunLoopDoTimer + 324 (CoreFoundation) [0x7fff2c7c6dc4] 1 _pthread_mutex_unlock_slow + 185 (libsystem_pthread.dylib) [0x7fff543f887e] 4 __CFRunLoopDoTimers + 407 (CoreFoundation) [0x7fff2c7c6c07] 2 ??? (Google Chrome Framework + 49981009) [0x114c9a651] 2 -[__NSArrayM dealloc] + 76 (CoreFoundation) [0x7fff2c76736c] 1 ??? (Google Chrome Framework + 49981120) [0x114c9a6c0] 1 ??? (Google Chrome Framework + 49981207) [0x114c9a717] 1 _thread_stack_pcs + 1 (libsystem_c.dylib) [0x7fff541c5818] 2 __CFRunLoopDoTimers + 201 (CoreFoundation) [0x7fff2c7c6b39] 1 CFArrayCreateMutable + 135 (CoreFoundation) [0x7fff2c75fc77] 1 _objc_rootAlloc + 33 (libobjc.A.dylib) [0x7fff5357890e] 1 +[__NSArrayM __new:::] + 36 (CoreFoundation) [0x7fff2c863bb4] 1 __CFAllocateObject2 + 15 (CoreFoundation) [0x7fff2c742eff] 1 class_createInstance + 87 (libobjc.A.dylib) [0x7fff53574cc3] 1 calloc + 30 (libsystem_malloc.dylib) [0x7fff543195d6] 1 malloc_zone_calloc + 87 (libsystem_malloc.dylib) [0x7fff54318cc0] 1 ??? (Google Chrome Framework + 31465585) [0x113af2071] 1 ??? (Google Chrome Framework + 31465585) [0x113af2071] 1 szone_malloc_should_clear + 422 (libsystem_malloc.dylib) [0x7fff54317403] 1 get_tiny_free_size + 68 (libsystem_malloc.dylib) [0x7fff54319639] 1 __CFRunLoopDoTimers + 144 (CoreFoundation) [0x7fff2c7c6b00] 1 -[__NSCFArray objectAtIndex:] + 53 (CoreFoundation) [0x7fff2c7d4b75] 1 _CFArrayCheckAndGetValueAtIndex + 102 (CoreFoundation) [0x7fff2c7d4c26] 2 __CFRunLoopRun + 1322 (CoreFoundation) [0x7fff2c7bdf4a] 2 __CFRunLoopRun + 1504 (CoreFoundation) [0x7fff2c7be000] 1 __CFRunLoopRun + 1299 (CoreFoundation) [0x7fff2c7bdf33] 1 __CFRunLoopRun + 1517 (CoreFoundation) [0x7fff2c7be00d] 2 1 main + 1788 (Google Chrome Helper) [0x10ebc049c] 1 ChromeMain + 175 (Google Chrome Framework) [0x111cf416f] 1 ??? (Google Chrome Framework + 26706564) [0x113668284] 1 ??? (Google Chrome Framework + 52763115) [0x114f419eb] 1 ??? (Google Chrome Framework + 26709199) [0x113668ccf] 1 ??? (Google Chrome Framework + 97486024) [0x1179e84c8] 1 ??? (Google Chrome Framework + 31070164) [0x113a917d4] 1 ??? (Google Chrome Framework + 30926638) [0x113a6e72e] 1 ??? (Google Chrome Framework + 30931278) [0x113a6f94e] 1 -[NSRunLoop(NSRunLoop) runMode:beforeDate:] + 277 (Foundation) [0x7fff2e8a9c16] 1 CFRunLoopRunSpecific + 487 (CoreFoundation) [0x7fff2c7bd787] 1 __CFRunLoopRun + 1293 (CoreFoundation) [0x7fff2c7bdf2d] 1 __CFRunLoopDoSources0 + 208 (CoreFoundation) [0x7fff2c7beab0] 1 __CFRunLoopDoSource0 + 108 (CoreFoundation) [0x7fff2c89326c] 1 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 17 (CoreFoundation) [0x7fff2c7dba21] 1 ??? (Google Chrome Framework + 30927887) [0x113a6ec0f] 1 ??? (Google Chrome Framework + 30871098) [0x113a60e3a] 1 ??? (Google Chrome Framework + 30929642) [0x113a6f2ea] 1 ??? (Google Chrome Framework + 30921722) [0x113a6d3fa] 1 ??? (Google Chrome Framework + 30926871) [0x113a6e817] 1 CFRunLoopTimerSetNextFireDate + 537 (CoreFoundation) [0x7fff2c7d2019] 1 __CFRepositionTimerInMode + 135 (CoreFoundation) [0x7fff2c7928d7] 1 __CFArmNextTimerInMode + 418 (CoreFoundation) [0x7fff2c792cc2] 1 _dispatch_event_loop_poke + 649 (libdispatch.dylib) [0x7fff541532d2] 1 _dispatch_kq_drain + 119 (libdispatch.dylib) [0x7fff54153736] 1 kevent_qos + 10 (libsystem_kernel.dylib) [0x7fff542bff0a] 1 Binary Images: 0x10ebbf000 - 0x10ebcbff7 com.google.Chrome.helper 64.0.3282.167 (3282.167) <2E6F17DF-BCE7-3217-AD28-F044D11AC430> /Applications/Google Chrome.app/Contents/Versions/64.0.3282.167/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper 0x111cf0000 - 0x118a80f77 com.google.Chrome.framework 64.0.3282.167 (3282.167) /Applications/Google Chrome.app/Contents/Versions/64.0.3282.167/Google Chrome Framework.framework/Versions/A/Google Chrome Framework 0x7fff2c73c000 - 0x7fff2cbd5fff com.apple.CoreFoundation 6.9 (1451) <739D6558-3DF3-3181-AA07-BBE3882D3B7F> /System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation 0x7fff2e889000 - 0x7fff2ec4efff com.apple.Foundation 6.9 (1451) /System/Library/Frameworks/Foundation.framework/Versions/C/Foundation 0x7fff521f8000 - 0x7fff5221cff7 libc++abi.dylib (400.7) <217656D5-BC40-37FF-B322-91CB2AAD4F34> /usr/lib/libc++abi.dylib 0x7fff5356e000 - 0x7fff5395f3b7 libobjc.A.dylib (723) <37A7D77E-952C-3F5D-970B-3CDE349B2322> /usr/lib/libobjc.A.dylib 0x7fff54134000 - 0x7fff5416dff7 libdispatch.dylib (913.30.4) <7D0E3183-282B-3FEE-A734-2C0ADC092084> /usr/lib/system/libdispatch.dylib 0x7fff541be000 - 0x7fff54247ff7 libsystem_c.dylib (1244.30.3) /usr/lib/system/libsystem_c.dylib 0x7fff542a3000 - 0x7fff542c8ff7 libsystem_kernel.dylib (4570.41.2) <5155A4C3-825B-3178-AC51-0D2D2F2A6618> /usr/lib/system/libsystem_kernel.dylib 0x7fff54315000 - 0x7fff54334fff libsystem_malloc.dylib (140.40.1) <36B22C99-D772-3039-9A4C-AA31389965E1> /usr/lib/system/libsystem_malloc.dylib 0x7fff543f7000 - 0x7fff54402fff libsystem_pthread.dylib (301.30.1) /usr/lib/system/libsystem_pthread.dylib