/_vti_bin/ are MicroSoft Front Page (MSFP) extension files, so possibly someone has saved your site to their desktop - or - has re-published a webpage from your site with MSFP and someone else is using this UA (core-project/1.0) to request these files. If so, there should be an active link to your domain remaining or else these file requests wouldn't be in your log.

Looks like core-project/1.0 is a personal bot written by someone over at codingforums.com.

If so, there should be an active link to your domain remaining or else these file requests wouldn't be in your log.

Nope. I've never had Front Page Extensions installed on my server. :)

I often see bots requesting files that have never been on my server. I usually suspect them of being vulnerability probes.

Looks like core-project/1.0 is a personal bot written by someone over at codingforums.com.

That's sort of what I thought, but if it's the same forum I looked at the name of the project was just slightly different, code project vs. code-project, so I wasn't positive about it referring to this user agent.

I often see bots requesting files that have never been on my server.

The vti prompts can also come from a visitor using either MS-Word or FP for a browser.

I've had a few instances were visitors using FP actually attempt to modify a page.
These instances have been so rare and non-sucessive in attempts that I'm not so sure they were as much malicious as accidental.

I've never had the FP extnsions installed. I did at one time use FP to create web pages, however in a very limited capapcity and mainly as a text editor. NEVER having used any of the componets options.

Nope. I've never had Front Page Extensions installed on my server. :)

I didn't intend to imply you did, as Wilderness said, these file requests do not necessarily require that MS extensions are on your server, just that the user is asking for them, for several of the above reasons.

I understand now. Thanks for being patient with me. :)