Strange stuff in apache log
Solution 1:
Unless you have noted strange new files, changed system files, or other odd behaviours from from your server, I wouldn't worry much about those strange log entries. Anyone can send malformed HTTP requests to your server if it's open to the internet, and so many people (or bots) do just that.
Why would they do that? Well, some web servers have known vulnerabilities that can be exploited by sending them just the "right" kind of request. So what you're possibly seeing are probes for known (or even unknown) vulnerabilities. If it makes you feel safer, you could take retroactive measures, like blocking/banning IP's that send malformed or unknown requests (using iptables, fail2ban, etc.).
Personally, I take the stance that blacklisting "bad" IPs is not really worth it, since, by the time you see their traces in your logfiles, they've either learned that you're not vulnerable, or you're already hacked. I believe the better approach is to be proactive with security:
Keep your server software fully patched and up to date. Always. Fastidiously. Religiously.
Keep your attack profile as small as possible: Don't install/run any unnecessary software on the server. And, as William of Ockham once said, "Do not multiply user accounts unnecessarily."
Firewall your server. (Or don't, but know what you're doing.)
Run an intrusion detection system, like AIDE, OSSEC, or samhain. This will alert you when system files change unexpectedly, often a tip-off that your server has been compromised.
Run system monitoring/graphing software, like munin, cacti, collectd or the like. Watch the graphs on a regular basis to get a feel for what normal system loads look like, and what your regular trends look like. Then, when your graphs show something you've never seen before, you have impetus to investigate further.
Run a web log analyzer/grapher, like webalizer or awstats. Again, become familiar with what normal operations look like, so you can quickly recognize when things aren't normal.
Run a separate log server---preferrably on a minimal, security-hardened system that's running nothing else---and configure your servers to send their logs to it. This makes it much more difficult for an intruder to cover his tracks.
Solution 2:
What kind of server are you running? Apache?
That looks like an IIS exploit....Code Red/NIMDA
Solution 3:
Every publicly accessible web server receives requests like this all day long. They're just blindly attempting known exploits against your server. What I often do is configure the web server to display a blank page when it receives requests to it's IP (i.e. http://10.0.0.1). I only allow the sites to appear when the correct virtual host domain is requested.
See what site appears when you access the web server by IP instead of by domain name. Most of the exploit scripts crawling the netter-tubes aren't performing valid virtual host requests(proper virtual host headers).
You can also look into the various utilities that will automatically block IP addresses that attempt nefarious requests.