The lines in question are:
124.178.138.134 - - [03/Sep/2010:00:05:35 +1000] "\x1e\xaa\xb7P\xcfL\x1eeV*" 200 1617 "-" "-"
203.29.140.81 - - [03/Sep/2010:00:14:58 +1000] "5A\xe8o8*\x1bWxg\x84L\xa2\x04\x13}y\xbc\xd8\xf7" 200 1617 "-" "-"
120.16.62.30 - - [03/Sep/2010:00:21:01 +1000] "\x8b\x9d\x1b\xe4\x8b\x12\x82P\xd83&\x98\\\x89\xc2\x149`9\xac\xd1\xa4!" 200 1617 "-" "-"
86.57.229.206 - - [03/Sep/2010:02:05:53 +1000] "\xaeA\x94\xbd\x95H" 200 1617 "-" "-"
I'm assuming the \x1e etc. that I'm seeing where I might often see GET / HTTP/1.1 are escaped character codes. 200 1617 matches lines around it, and 1617 is the size of the homepage, to my knowledge. Any thoughts on the matter? This is on an install of Apache 2.2 on FreeBSD 8.0 GENERIC.
EDIT: Just got hit with another.
121.209.160.33 - - [03/Sep/2010:18:08:33 +1000] "\rz\x85\x0e\xbc\xc2U\xeb/9\x12\x8a-\x8d\x1df\xf8\x11\x8c\xc0\x1b,r" 400 226 "-" "-"
Generally those are most likely attacks against IIS servers (this one in particular might be against the WebDAV vulnerability).
If I understand correctly, generally there's enough in the beginning to overflow a buffer, and the rest is shellcode to open access into the system. Intrusion detection systems like Snort can detect these attempts and reject the submission before reaching the web server.
As for Apache, you're generally going to be safe as long as you make sure you stay updated. If you keep your eye on the access log, you'll see plenty of those from bots all over just randomly attempting to infect other servers and further spread.
Someone tried to fetch documents with those names from your web server. It's common that worms and script kiddies try lots of various exploits that often look similar to this, trying to exploit bugs in some versions of some web server.
200 is the result code (SUCCESS) and 1617 is the size of the document served.
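For anyone who wants to watch the access log for entries like these, here is an added example (not part of the original question or answers) that parses combined-format lines and flags those whose request line is not `METHOD target HTTP/x.y`, counting the bytes Apache wrote as `\xhh` escapes. The first two sample lines come from the question; the third line, its 192.0.2.10 address and the function names are constructed for illustration.

```python
import re

# Apache "combined" format; quoted fields may contain backslash escapes.
QUOTED = r'"((?:[^"\\]|\\.)*)"'
LOG_RE = re.compile(
    r'^(\S+) \S+ \S+ \[([^\]]+)\] ' + QUOTED + r' (\d{3}) (\d+|-) '
    + QUOTED + ' ' + QUOTED + r'$'
)
# A well-formed request line: METHOD SP target SP HTTP/x.y
REQUEST_RE = re.compile(r'^[A-Z]+ \S+ HTTP/\d\.\d$')
# One escape token: \xhh (a raw byte Apache escaped) or backslash + any char.
ESCAPE_RE = re.compile(r'\\(x[0-9a-fA-F]{2}|.)')

# First two lines are from the question above; the third is constructed.
SAMPLE = r'''
124.178.138.134 - - [03/Sep/2010:00:05:35 +1000] "\x1e\xaa\xb7P\xcfL\x1eeV*" 200 1617 "-" "-"
121.209.160.33 - - [03/Sep/2010:18:08:33 +1000] "\rz\x85\x0e\xbc\xc2U\xeb/9\x12\x8a-\x8d\x1df\xf8\x11\x8c\xc0\x1b,r" 400 226 "-" "-"
192.0.2.10 - - [03/Sep/2010:00:06:00 +1000] "GET / HTTP/1.1" 200 1617 "-" "Mozilla/5.0"
'''.strip().splitlines()


def classify(line):
    """Parse one log line; return None if it is not in combined format."""
    m = LOG_RE.match(line)
    if m is None:
        return None
    host, when, request, status, size, _referer, _agent = m.groups()
    tokens = ESCAPE_RE.findall(request)  # "\\" is consumed as one token
    return {
        "host": host,
        "time": when,
        "status": int(status),
        "malformed": REQUEST_RE.match(request) is None,
        "escaped_bytes": sum(1 for t in tokens if len(t) == 3 and t[0] == "x"),
    }


def malformed_requests(lines):
    """Records whose request line is not 'METHOD target HTTP/x.y'."""
    records = (classify(line) for line in lines)
    return [r for r in records if r and r["malformed"]]


if __name__ == "__main__":
    for r in malformed_requests(SAMPLE):
        print(r["time"], r["host"], r["status"], r["escaped_bytes"])
```

Malformed entries that were answered with 200 rather than 400 are the ones worth a second look, since the server served a page in response to something that was not an HTTP request.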