Unrecognized User in my "EfiLoginUI" file (accessed by Root), and unrecognized Personal Shadow Keys? Have I Been Hacked?

someonesin24 wrote:

I've been concerned that my Mac has been remotely accessed

Don't be.

someone suggested that I check if the root user could be logged into as a sign

Someone is trolling you for their entertainment. I see many posts like yours. They often attract attention from malicious people trying to deceive you.

Is this normal? One seems to be tied to my zoom account and the file updated at the exact time of the call?

Yes. It is normal.

A fundamental aspect of the internet misinformation to which you've fallen victim is the idea that the built-in Apple security cannot be trusted, and random 3rd party software is more trustworthy. This is a classic psychological manipulation technique where the victim is isolated from their friends and family.

Have I been hacked?

No. you have not been hacked.

how do I wipe this in the correct way?

Here are instructions from Apple about how to erase your Mac: Erase your Mac - Apple Support

But you don't need to erase your Mac unless you have followed any kind of instructions from the internet. Your Mac was in its most secure configuration the day you opened the box and turned it on the first time. Any changes that you've made, and any 3rd party software you've installed, have reduced your security. In most cases, with normal apps, that isn't a big risk. But 3rd party "security" or "privacy" are always the most problematic.

someonesin24 wrote:

Why would my ex roommate’s name be on those EfiLoginUi files then

That's just the name of the files. Apple often uses cryptic codewords for file names and never explains why. Those files have been on every Mac sold for years. I'm sure there is no relationship to your ex-roommate.

why would the files be shutting off access to me when I gave myself access an hour ago?

Apple's built-in operating system files are always restricted. Otherwise, people and 3rd party apps would regularly be breaking the system and making it unbootable. People would then take the computer back to Apple and demand Apple fix it or give them a refund.

In many cases, the reason for a certain behaviour in software is just to prevent certain problems caused by users.

I dont have any 3rd party “security”apps besides Malwarebytes (which I uninstalled) and etresoft.

I don't know the details of your computer. Such apps are extremely popular so I just assume they are installed.

I have other 3rd party software, but any professional has 3rd party software.

There's nothing wrong with 3rd party software if it provides some useful functionality or solves some specific problem. But the most popular consumer apps these days are simply scams. The developers are well-funded and have literally painted the internet with ads. That's really all it takes.

The advice wasn’t from online btw.

Doesn't mean I'm wrong.

Also are you the guy who wrote etresoft?

How do you know I'm a guy? Technically, I'm a corporation, which has no gender.