I’ve seen the PCUser plague as well, and seriously considered blocking on the UA string. (Fortunately, installing a slightly modified three strikes plugin has blocked the current run.) A search through my site’s logs for October for “PCUser” — nearly all were (attempted) posts from this scumbag.
Nearly all.
I did find three visits — all early last week — that looked like normal web use patterns: each came in from a Google search, two were single-page visits while the third looked around at a half dozen pages, and they hit all the associated scripts, images, stylesheets, etc. They were also all hits to other, non-WP areas of my site. So it looks like *someone* has that UA, but it’s very rare.
I’ll be renaming wp-comments-post.php to be a bit more proactive. I was going to suggest an option to randomly rename it as part of the install process, but realized that would be trivially defeated since the bots are obviously pre-harvesting the URLs (based on the presence of referrers in the hits). They could as easily harvest the script location as part of the process.
(As for recommending that people search the archives… what do you think FAQs are for? As long as it’s suggested politely, it saves everyone more time in the long run, including the person asking the question. Give a man a fish vs. teach a man to fish, as the old proverb goes.)