One thing I noticed is that you have 2 instances of XAMPP installed.
This is not recommended.
Perhaps try renaming the instance that you don't use to say xampp_copy
or even delete the other instance.
With regard to the perported attackers, you can block them or any one, from accessing your site by grabbing their IP or domain name from the Apache error or access logs and inserting them into a .htaccess file in the www (Document Root directory where the index file is) of the site they are trying to access.
The Deny directive content in the .htaccess file may look like this:
Deny from 18.104.22.168 <- full IP
Deny from 123.45.67. <- IP range
Deny from 123.45. <- IP range
Deny from 22.214.171.124/16 <- CIDR
Deny from 10.1.0.0/255.255.0.0 <- Network mask pair
Deny from domain.tld <- blocks sub.domain.tld also
There is no limit to the number of IPs or domains you can enter into a .htacess, but it is recommended that each entry be on its own line.
http://httpd.apache.org/docs/2.2/mod/mo ... _host.html