Could someone please point me to a good source, GUI or not, for Windows Command Lines. Looking for any command lines that might help ID active root kits or open and listening ports, especially any ports not normally used. Also, anyone who thinks they have other good command lines that might help with forensic analysis of a running, live, windows machine. Not necessarily a RAM dump, but anything that a forensic examiner could use that might not seem so obvious. We would like to catch people listening in on people if we can. We are finding mostly soon to be ex husbands taking advantage of their soon to be ex wife's limited knowledge of how computers work. They may have SpectorPro or something similar running, or a home built bug or root kit installed and listening.
I know this is a big question and not so precise either. I hope someone can work with it. Thank you.