Parent page of this data file: https://divinity-in-action.com/articles/pegasusspyware/macbooks/ Spyware Found on Irina Bright’s MacBooks, Which May Be Related to Pegasus Spyware. File name: Google_Chrome_Helper_2018-02-11-102505_Irinas-MacBook-Pro.wakeups_resource.diag Downloaded from: McBook > Library_Logs_DiagnosticReports. Date/Time: 2018-02-11 10:22:51.234548 +0000 OS Version: Mac OS X 10.13.3 (Build 17D47) Architecture: x86_64 Report Version: 19 Command: Google Chrome Helper Path: /Applications/Google Chrome.app/Contents/Versions/63.0.3239.132/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper Version: 63.0.3239.132 (3239.132) Parent: Google Chrome [455] Responsible: Google Chrome [455] PID: 461 Event: wakeups Wakeups: 45002 wakeups over the last 105 seconds (430 wakeups per second average), exceeding limit of 150 wakeups per second over 300 seconds Action taken: none Duration: 104.57s Steps: 42 Hardware model: MacBookPro9,2 Active cpus: 4 Fan speed: 2006 rpm Powerstats for: Google Chrome He [461] UUID: 7F43B4AF-3D3B-3B68-8678-CECC17444D5F Start time: 2018-02-11 10:22:55 +0000 End time: 2018-02-11 10:24:35 +0000 Microstackshots: 42 samples (100%) Primary state: 28 samples Non-Frontmost App, Kernel mode, Effective Thread QoS Unspecified, Requested Thread QoS Unspecified, Override Thread QoS Unspecified User Activity: 0 samples Idle, 42 samples Active Power Source: 0 samples on Battery, 42 samples on AC 39 _pthread_start + 377 (libsystem_pthread.dylib) [0x7fff6827c56d] 39 _pthread_body + 340 (libsystem_pthread.dylib) [0x7fff6827c6c1] 37 figThreadMain + 277 (CoreMedia) [0x7fff4160812b] 26 ??? (MediaToolbox + 2664728) [0x7fff44854918] 25 FigSemaphoreWaitRelative + 156 (CoreMedia) [0x7fff4160829e] 24 WaitOnConditionTimed + 92 (CoreMedia) [0x7fff41608ffd] 24 __psynch_cvwait + 10 (libsystem_kernel.dylib) [0x7fff68140cee] 1 pthread_cond_timedwait + 7 (libsystem_pthread.dylib) [0x7fff6827df53] 1 1 FigSemaphoreWaitRelative + 229 (CoreMedia) [0x7fff416082e7] 1 11 ??? (MediaToolbox + 2664513) [0x7fff44854841] 11 ??? (MediaToolbox + 2661678) [0x7fff44853d2e] 11 CMTimebaseGetTime + 77 (CoreMedia) [0x7fff41614a77] 11 figTimebaseGetMasterTime + 113 (CoreMedia) [0x7fff41614ba3] 11 CMClockGetTime + 60 (CoreMedia) [0x7fff41614c55] 7 CMClockGetAnchorTime + 109 (CoreMedia) [0x7fff41614ce4] 7 _pthread_mutex_lock_slow + 253 (libsystem_pthread.dylib) [0x7fff6827a551] 7 __psynch_mutexwait + 10 (libsystem_kernel.dylib) [0x7fff68140d1e] 6 4 CMClockGetAnchorTime + 320 (CoreMedia) [0x7fff41614db7] 4 _pthread_mutex_unlock_slow + 459 (libsystem_pthread.dylib) [0x7fff6827a990] 3 __psynch_mutexdrop + 10 (libsystem_kernel.dylib) [0x7fff68140d06] 1 _pthread_mutex_unlock_drop + 36 (libsystem_pthread.dylib) [0x7fff6827cb45] 1 2 ??? (AppleGVA + 233197) [0x7fff5032deed] 1 ??? (AppleGVA + 233754) [0x7fff5032e11a] 1 _pthread_mutex_lock_slow + 253 (libsystem_pthread.dylib) [0x7fff6827a551] 1 __psynch_mutexwait + 10 (libsystem_kernel.dylib) [0x7fff68140d1e] 1 1 ??? (AppleGVA + 233746) [0x7fff5032e112] 1 ??? (AppleGVA + 232942) [0x7fff5032ddee] 1 ??? (AppleIntelHD4000GraphicsVADriver + 186535) [0x114fe78a7] 1 IOAccelContextFinishFenceEvent + 41 (IOAccelerator) [0x7fff5a6327c2] 1 IOConnectCallScalarMethod + 76 (IOKit) [0x7fff42dec6c1] 1 io_connect_method + 369 (IOKit) [0x7fff42de9197] 1 mach_msg_trap + 10 (libsystem_kernel.dylib) [0x7fff681377c2] 1 3 main + 1788 (Google Chrome Helper) [0x1094b447c] 3 ChromeMain + 175 (Google Chrome Framework) [0x1094d966f] 3 ??? (Google Chrome Framework + 25556324) [0x10ad35564] 3 ??? (Google Chrome Framework + 50707178) [0x10c531aea] 3 ??? (Google Chrome Framework + 25558970) [0x10ad35fba] 3 ??? (Google Chrome Framework + 93898931) [0x10ee628b3] 3 ??? (Google Chrome Framework + 29902004) [0x10b15a4b4] 3 ??? (Google Chrome Framework + 29759214) [0x10b1376ee] 3 ??? (Google Chrome Framework + 29763167) [0x10b13865f] 3 CFRunLoopRunSpecific + 487 (CoreFoundation) [0x7fff4063f787] 3 __CFRunLoopRun + 1293 (CoreFoundation) [0x7fff4063ff2d] 3 __CFRunLoopDoSources0 + 208 (CoreFoundation) [0x7fff40640ab0] 3 __CFRunLoopDoSource0 + 108 (CoreFoundation) [0x7fff4071526c] 3 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 17 (CoreFoundation) [0x7fff4065da21] 3 ??? (Google Chrome Framework + 29760463) [0x10b137bcf] 3 ??? (Google Chrome Framework + 29701178) [0x10b12943a] 3 ??? (Google Chrome Framework + 29762218) [0x10b1382aa] 3 ??? (Google Chrome Framework + 29754425) [0x10b136439] 3 ??? (Google Chrome Framework + 29753156) [0x10b135f44] 3 ??? (Google Chrome Framework + 29602428) [0x10b11127c] 2 ??? (Google Chrome Framework + 49986599) [0x10c481c27] 2 ??? (Google Chrome Framework + 49979438) [0x10c48002e] 2 ??? (Google Chrome Framework + 49979287) [0x10c47ff97] 2 _CFRelease + 300 (CoreFoundation) [0x7fff40715ccc] 2 CVPixelBuffer::finalize() + 142 (CoreVideo) [0x7fff42213a92] 2 _CFRelease + 300 (CoreFoundation) [0x7fff40715ccc] 2 CVBufferBacking::finalize() + 44 (CoreVideo) [0x7fff422155a8] 2 CFNotificationCenterPostNotification + 126 (CoreFoundation) [0x7fff4065ab0e] 2 _CFXNotificationPost + 652 (CoreFoundation) [0x7fff40612b8c] 2 -[_CFXNotificationRegistrar find:object:observer:enumerator:] + 1826 (CoreFoundation) [0x7fff40613af2] 2 ___CFXNotificationPost_block_invoke + 50 (CoreFoundation) [0x7fff40654ec2] 2 _CFXRegistrationPost + 442 (CoreFoundation) [0x7fff4065517a] 2 __CFNOTIFICATIONCENTER_IS_CALLING_OUT_TO_AN_OBSERVER__ + 12 (CoreFoundation) [0x7fff4065528c] 2 ??? (MediaToolbox + 2664325) [0x7fff44854785] 2 CAImageQueueDeleteBuffer + 170 (QuartzCore) [0x7fff4b80e44a] 2 CAImageQueueBuffer::~CAImageQueueBuffer() + 14 (QuartzCore) [0x7fff4b80e500] 2 CAImageQueueBuffer::~CAImageQueueBuffer() + 33 (QuartzCore) [0x7fff4b80e537] 2 CA::Render::Surface::~Surface() + 14 (QuartzCore) [0x7fff4b80e5b4] 2 CA::Render::Surface::~Surface() + 94 (QuartzCore) [0x7fff4b80e62a] 2 -[IOSurface dealloc] + 30 (IOSurface) [0x7fff42e861bf] 2 IOSurfaceClientRelease + 53 (IOSurface) [0x7fff42e849cb] 2 _ioSurfaceClientRelease + 86 (IOSurface) [0x7fff42e86d94] 2 IOConnectCallMethod + 186 (IOKit) [0x7fff42de8fc4] 2 io_connect_method + 369 (IOKit) [0x7fff42de9197] 2 mach_msg_trap + 10 (libsystem_kernel.dylib) [0x7fff681377c2] 2 1 ??? (Google Chrome Framework + 46278667) [0x10c0f880b] 1 ??? (Google Chrome Framework + 47345217) [0x10c1fce41] 1 ??? (Google Chrome Framework + 47372112) [0x10c203750] 1 ??? (Google Chrome Framework + 47394416) [0x10c208e70] 1 ??? (Google Chrome Framework + 47399499) [0x10c20a24b] 1 ??? (Google Chrome Framework + 47400043) [0x10c20a46b] 1 ??? (Google Chrome Framework + 45500760) [0x10c03a958] 1 ??? (Google Chrome Framework + 45795475) [0x10c082893] 1 ??? (Google Chrome Framework + 45723436) [0x10c070f2c] 1 ??? (Google Chrome Framework + 47437442) [0x10c213682] 1 ??? (Google Chrome Framework + 47436265) [0x10c2131e9] 1 ??? (Google Chrome Framework + 47407393) [0x10c20c121] 1 ??? (Google Chrome Framework + 2980699) [0x1097adb5b] 1 ??? (Google Chrome Framework + 2995455) [0x1097b14ff] 1 ??? (Google Chrome Framework + 29856783) [0x10b14f40f] 1 realloc + 253 (libsystem_malloc.dylib) [0x7fff6819b86c] 1 malloc_zone_realloc + 111 (libsystem_malloc.dylib) [0x7fff6819b979] 1 ??? (Google Chrome Framework + 30301881) [0x10b1bbeb9] 1 ??? (Google Chrome Framework + 30301881) [0x10b1bbeb9] 1 _platform_memmove + 102 (libsystem_platform.dylib) [0x7fff682723c0] 1 Binary Images: 0x1094b3000 - 0x1094bfff7 com.google.Chrome.helper 63.0.3239.132 (3239.132) <7F43B4AF-3D3B-3B68-8678-CECC17444D5F> /Applications/Google Chrome.app/Contents/Versions/63.0.3239.132/Google Chrome Helper.app/Contents/MacOS/Google Chrome Helper 0x1094d6000 - 0x110063f87 com.google.Chrome.framework 63.0.3239.132 (3239.132) /Applications/Google Chrome.app/Contents/Versions/63.0.3239.132/Google Chrome Framework.framework/Versions/A/Google Chrome Framework 0x114fba000 - 0x11510dfff com.apple.AppleIntelHD4000GraphicsVADriver 10.30.14 (10.3.0) <193F496E-7443-3FA7-8A6A-44B33BBBE121> /System/Library/Extensions/AppleIntelHD4000GraphicsVADriver.bundle/Contents/MacOS/AppleIntelHD4000GraphicsVADriver 0x7fff405be000 - 0x7fff40a57fff com.apple.CoreFoundation 6.9 (1451) <739D6558-3DF3-3181-AA07-BBE3882D3B7F> /System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation 0x7fff41604000 - 0x7fff416e5fff com.apple.CoreMedia 1.0 (2270.12.1) /System/Library/Frameworks/CoreMedia.framework/Versions/A/CoreMedia 0x7fff42205000 - 0x7fff4223fff3 com.apple.CoreVideo 1.8 (279.2) /System/Library/Frameworks/CoreVideo.framework/Versions/A/CoreVideo 0x7fff42de5000 - 0x7fff42e80fff com.apple.framework.IOKit 2.0.2 <9CFA07B9-BA6E-31E4-AD4F-C47071A8C522> /System/Library/Frameworks/IOKit.framework/Versions/A/IOKit 0x7fff42e82000 - 0x7fff42e89ffb com.apple.IOSurface 209.2.2 (209.2.2) <6D35A601-1C47-37BE-AD31-F8EB88F67573> /System/Library/Frameworks/IOSurface.framework/Versions/A/IOSurface 0x7fff445ca000 - 0x7fff44be5fff com.apple.MediaToolbox 1.0 (2270.12.1) <40802884-1347-3CDC-AAD3-D046463A528E> /System/Library/Frameworks/MediaToolbox.framework/Versions/A/MediaToolbox 0x7fff4b77c000 - 0x7fff4b9c4fff com.apple.QuartzCore 1.11 (584.8.102) <4479AF33-E6EA-3037-A2C1-3C6F12B1260A> /System/Library/Frameworks/QuartzCore.framework/Versions/A/QuartzCore 0x7fff502f5000 - 0x7fff503d9ff7 com.apple.AppleGVAFramework 11.3.7 (11.3.7) <83FE7EB9-935E-362E-A269-DA9DF13804E5> /System/Library/PrivateFrameworks/AppleGVA.framework/Versions/A/AppleGVA 0x7fff5a630000 - 0x7fff5a637ffb com.apple.IOAccelerator 376.6 (376.6) /System/Library/PrivateFrameworks/IOAccelerator.framework/Versions/A/IOAccelerator 0x7fff68125000 - 0x7fff6814aff7 libsystem_kernel.dylib (4570.41.2) <5155A4C3-825B-3178-AC51-0D2D2F2A6618> /usr/lib/system/libsystem_kernel.dylib 0x7fff68197000 - 0x7fff681b6fff libsystem_malloc.dylib (140.40.1) <36B22C99-D772-3039-9A4C-AA31389965E1> /usr/lib/system/libsystem_malloc.dylib 0x7fff68271000 - 0x7fff68278ff7 libsystem_platform.dylib (161.20.1) /usr/lib/system/libsystem_platform.dylib 0x7fff68279000 - 0x7fff68284fff libsystem_pthread.dylib (301.30.1) /usr/lib/system/libsystem_pthread.dylib