Both ZA and Comodo do have logs. http://www.google.com/search?hl=en&q=windows+tripwire finds more and there is something very simple you can do to help yourself out.
Did you at least set the read only flag on files you know shouldn't be changing? That's minimal and we can escalate this to NTFS permissions but I'll start with simple.
I am running apache webserver under Windows XP (Apache/PHP/MySQL). Is there any portsentry equivalent tool I can run to detect any intrusion or attack? Is there any easy way to assess the server vulnrability under windows XP?