Thanks for donating, you can register all you sites under the same email address and then the keys will all be on the same account so that your donations count towards all of them 
My plugin should remove the malicious code from your infected files to stop the spread of this script, but if you already have a bunch of script tags in your DB then you need to remove them manually.
I am working on a DB Scan feature for my next plugin release and your donations help me allocate time to maintaining and improving this project, so thanks for that and look for this new update soon.
In the mean time you can try running an SQL statement like this in PhpMyAdmin:
UPDATE wp_posts SET post_content = REPLACE(post_content, '<script src=\'https:// some malicious domain here / malicious script.js\' type=\'text/javascript\'></script>', '') WHERE post_content LIKE '%<script src=\'https:// some malicious domain here / malicious script.js\' type=\'text/javascript\'></script>%'
Replace both instances of “https:// some malicious domain here / malicious script.js” with whatever path is used in your injected script tags, and don’t forget to escape any quotes in the HTML strings, and it may or may not have “type=’text/javascript’” or other properties in it so check that it matches the code injected into your posts.
If you don’t have access to PhpMyAdmin or another DB utility to execute SQL statements then you can download my EZ SQL Reports plugin (elisqlreports).
Let me know if you need more help.
