I have not heard from the Phex dev for a very long time. So I am making my own call here.

If you see a Phex version specifically Phex 3.2.0.102 then boot it off your connection list. I have seen far too many of these over very recent past. Absolutely no reason for anybody to be using such an old Phex version below 3.4, so to see so many of them with identical version reminds me of these: Spam sample 1, . . Spam sample 2, . . Spam sample 3, . . Spam sample 4, . . Spam sample 5, . . Spam sample 6.

Edit: 4 April:
Came across a few files of spam by same person. Browsed them and they were sharing over 700 legitimate files with 6 pieces of spam. I am not going to add this host to the block list. It seems to me this is a fairly new user to the network who has downloaded the spam by accident, both audio and video spam and one spam document. Perhaps some might disagree with my decision but I do try to find out if hosts are deliberate spammers or accidental. I have come across accidental downloaders and sharers of spam before, so I need to keep making this kind of decision. I thought I should give an example to show a part of my approach. I can understand how this person was duped.
Had they been using LW 5 / LPE then perhaps some of those files might have been auto-deleted after they finished downloading them if any of those files were on the LW 5's known virus spam file list. (I just never understood why this in-built tool of LW 5 did not make the decision to stop and delete the file very early on in the download process instead of when the file had totally 'finished' downloading.)