volatility -f /path/to/memory/dump.001 --profile=<profile> malprocfind > malprocfind-results.txt && cat malprocfind-results.txt && grep False malprocfind-results.txt
The more False flags in the grep output, the more suspicious the process is. Also look in the full output for multiple instances for which there should only be one, misspelled names, processes without running parents etc.
volatility -f /path/to/memory/dump.001 --profile=<profile> psscan > psscan-results.txt
Use the PID and PPID (Parent PID) to see what processes (parents) spawned what other processes (children) to determine if something is off. (iexplorer spawning a cmd.exe would qualify)
volatility -f /path/to/memory/dump.001 --profile=<profile> pstree > pstree-results.txt
pstree does the same as psscan, but in a more graphical way
If you want full-on graphics, use pstotal:
volatility -f /path/to/memory/dump.001 --profile=<profile> pstotal --cmd --output=dot --output-file=/path/pstotal-graph.dot
Then view it with xdot on Linux:
xdot pstotal.dot