thanks, Darks - looks fully automated, not a deliberate attack stemming from current activity.
it might be that other computers infected with the trojan mine *was* infected with in June tried to ping what was once part of the trojan's network
fortunately, I have some hefty, daily-updated, multilayer AVWare. Not saying what they are... one of the best defenses is not letting the other guy know what defenses he must penetrate.
Well, even if it is automated, you'll love where it is from:
http://www.dnsstuff.com/tools/whois.ch?ip=58.236.52.152&email=on
(Has abuse report e-mail addies too.)