I made a private Support request via the online page re how to remove gravatars and Likes from such WordPress bloggers, and eventually received a reply from one of the engineers saying they thought it might be a false-positive, and asking for a screenshot of the message. I have not sent it and reply here instead:

I have been using my security software for nearly two years. It is corporate-strength, bank-strength software which has zapped out of existence some viruses and many spywares. No false-positives so far. I trust this software. Knowing its name is not relevant.

Since receiving the email from the WordPress engineer, all the other strange things that I have posted about tonight have been happening. That malcious website person is still Liking my images; however, now all that appears in the gravatar is a picture of him and some text, nothing else any more!

I have noticed on my frequent other visits to WordPress blogs many such spam gravatars and wonder:

a) How can they remain in force without any verification, or any other obvious information re who they are?
and
b) WordPress needs to institute a way of removing such spam gravatars and Likes from such 'people'. Pronto.
and
c) Where do they come from? I.E. do they become part of a spambot ring targeting particular blogs?

I am a fervent supporter of WordPress and also a paying customer, for both my blogs.