Malware
Alena Selezneva, 2021-01-30 02:30:22

What to do if your WordPress blog has been hacked?

Hello, the other day some envious enemies hacked my WordPress blog. This included the publication of random articles in English and a redirect to the Google App Store. I installed the Wordfence plugin, the free version, and scanned the site, but I have no idea what is out of place there.

However, I found extremely suspicious scripts!

[screenshot]

[screenshot]

Then I started changing passwords for users with admin and author rights. And I found a user with admin rights that I did not assign. And I can't delete it...

[screenshot]

As a temporary solution, I completely closed access to the WordPress admin panel on the server side (it now returns error code 403), so that the hackers who broke into the site can't get in there and set up all sorts of 301 redirects.

How now to completely clean the site after hacking?

Please tell me the correct course of action for my situation. How do I remove the enemy user, and how do I clean the site of viruses and malware? And any hints, if the scripts in the pictures above mean something to you.

PS

Also, I scanned my laptop with Avira antivirus (paid subscription) and it found 3 viruses like these:

[screenshot]

Plus, it turns out there was some kind of password leak. I read this in the settings of the Google Chrome browser.

Thanks in advance for your advice.


4 answer(s)
m0ze, 2021-01-30
@m0ze

Hello.
No plugin/antivirus will find all the infected/malicious files for you. Without experience in such cases, you are also unlikely to figure it out on your own, so it's better to contact a specialist right away (I can help, if need be).
If you made backup copies of the site, try to roll back to the most recent one made before the site was hacked, then look in the logs for what/how the site was hacked through and eliminate the threat (most often this is either a very weak password for the site administrator's account, or a leaky plugin).

As a temporary solution, I completely closed access to the WordPress admin panel on the server side (it now returns error code 403), so that the hackers who broke into the site can't get in there and set up all sorts of 301 redirects.

You already have a shell there, so this measure won't hurt anyone (except you). Roughly speaking, at this stage WordPress itself is of no particular value to the attacker.
And I found a user with admin rights that I did not assign. And I can't delete it...

Because somewhere in the files there is code that automatically re-creates the user every time the site loads. Most likely it's in some theme file, but in your case you need to check everything. One such file showed up in the screenshot:
/wp-content/themes/twentytwentyone/inc/template-functions.php
but there may be others elsewhere.
And any hints, if the scripts in the pictures above mean something to you.

Even without the pictures, it is clear that you need to check the entire site.
Plus, it turns out there was some kind of password leak. I read this in the settings of the Google Chrome browser.

The password leak is most likely not related to the current problem with the site, but to leaks of various databases over the past few years. Apparently some of your logins/emails/passwords are in those leaked databases, which is what the browser reported.
PS: Avira is best thrown straight in the trash; it's not an antivirus but a bad joke. Windows Defender would be better, or something like ESET NOD32.
PPS: and be more careful on porn sites :)
PPPS: you have a whole pack of PRO versions of plugins on your site. Bought, or warez?

Gena, 2021-01-30
@brary

Windows 7 is kind of leaky; at least install Windows 8 Industry Pro.

acwartz, 2021-01-30
@acwartz

Download WP and the plugins clean from the official sources, the same versions, and look at the differences in the code. Tricks like undeletable entries come from that series.
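As an added example (not code from this thread or from WordPress), a small Python script in the spirit of the two answers above: it compares the installed site against a clean copy of the same WordPress, theme and plugin versions, lists PHP files that are new or changed, and checks those files for the user-creation calls that would explain an admin account that keeps coming back. The regex, paths and sample trees are constructed for the demo; the clean copy must contain the same plugins and themes as the site, or everything outside core shows up as "added".

```python
import hashlib
import re
import tempfile
from pathlib import Path

# Calls that (re)create a privileged user: the persistence pattern the answer
# describes. Hypothetical, illustrative regex; not an exhaustive signature.
USER_CREATION = re.compile(
    r"wp_(?:create|insert)_user|(?:set|add)_role\(\s*['\"]administrator")

def sha256(path: Path) -> str:
    return hashlib.sha256(path.read_bytes()).hexdigest()

def compare_trees(clean: Path, site: Path) -> dict:
    """PHP files in `site` missing from or differing from `clean` (same versions),
    plus which of those contain user-creation code."""
    report = {"added": [], "modified": [], "suspicious": []}
    for path in sorted(site.rglob("*.php")):
        rel = path.relative_to(site).as_posix()
        ref = clean / rel
        if not ref.exists():
            report["added"].append(rel)      # e.g. PHP dropped into uploads/
        elif sha256(ref) != sha256(path):
            report["modified"].append(rel)   # vendor file whose content changed
        else:
            continue                         # identical to the clean copy
        if USER_CREATION.search(path.read_text(errors="ignore")):
            report["suspicious"].append(rel)
    return report

def build_demo() -> tuple:
    """Constructed sample trees: a clean theme file, and the site's copy with an
    appended hook that re-creates an admin user (constructed, not real malware)."""
    root = Path(tempfile.mkdtemp())
    clean, site = root / "clean", root / "site"
    theme = "wp-content/themes/twentytwentyone/inc/template-functions.php"
    src = "<?php\nfunction twenty_twenty_one_body_classes( $c ) { return $c; }\n"
    for base in (clean, site):
        (base / theme).parent.mkdir(parents=True)
        (base / theme).write_text(src)
    hook = ("add_action('init', function () {\n  $u = wp_create_user('x', 'x');\n"
            "  (new WP_User($u))->set_role('administrator');\n});\n")
    (site / theme).write_text(src + hook)
    dropped = site / "wp-content/uploads/2021/01/image.php"  # PHP has no place in uploads/
    dropped.parent.mkdir(parents=True)
    dropped.write_text("<?php echo 1;\n")
    return clean, site

def run_demo() -> dict:
    return compare_trees(*build_demo())
```

On a real site, point `compare_trees` at the unpacked official archives and the live document root, and review every file in all three lists by hand rather than trusting the regex alone.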

misa205, 2021-01-31
@misa205

What about backups? The rogue administrator can be deleted from the DB.
