Importing changes from my branch. There are two major updates:

1) I wrote a function that formats output from scripts in a consistent way. Although we haven't really come to a concensus on how it should look yet, it's easy to change when we do. 
2) New script: smb-enum-groups.nse. Enumerate the local groups on a system and their membership.

scripts/http-malware-host.nse

@@ -14,10 +14,11 @@ Thanks to Denis from the above link for finding this technique!
 -- Interesting ports on www.sopharma.bg (84.242.167.49):
 -- PORT     STATE SERVICE    REASON
 -- 80/tcp   open  http       syn-ack
--- |_ http-infected: Host appears to be clean
+-- |_ http-malware-host: Host appears to be clean
 -- 8080/tcp open  http-proxy syn-ack
--- |  http-malware-host: Host appears to be infected (/ts/in.cgi?open2 redirects to http://last-another-life.ru:8080/index.php)
--- |_ See: http://blog.unmaskparasites.com/2009/09/11/dynamic-dns-and-botnet-of-zombie-web-servers/
+-- |  http-malware-host: 
+-- |  |  Host appears to be infected (/ts/in.cgi?open2 redirects to http://last-another-life.ru:8080/index.php)
+-- |_ |_ See: http://blog.unmaskparasites.com/2009/09/11/dynamic-dns-and-botnet-of-zombie-web-servers/
 -- 
 
 author = "Ron Bowes <ron@skullsecurity.net>"
@@ -45,46 +46,40 @@ portrule = function(host, port)
 	return true
 end
 
-local function go(host, port)
+action = function(host, port)
 	-- Check what response we get for a 404
 	local result, result_404, known_404 = http.identify_404(host, port)
 	if(result == false) then
-		return false, "Couldn't identify 404 message: " .. result_404
+		return stdnse.format_output(false, "Couldn't identify 404 message: " .. result_404)
 	end
 
 	-- If the 404 result is a 302, we're going to have trouble
 	if(result_404 == 302) then
-		return false, "Unknown pages return a 302 response; unable to check"
+		return stdnse.format_output(false, "Unknown pages return a 302 response; unable to check")
 	end
 
 	-- Perform a GET request on the file
 	result = http.get_url("http://" .. host.ip .. ":" .. port.number .. "/ts/in.cgi?open2")
-	if(result == nil) then
-		return false, "Couldn't perform GET request"
+	if(not(result)) then
+		return stdnse.format_output(false, "Couldn't perform GET request")
 	end
 
 	if(result.status == 302) then
+		local response = {}
 		if(result.header.location) then
-			return true, string.format("Host appears to be infected (/ts/in.cgi?open2 redirects to %s)\nSee: http://blog.unmaskparasites.com/2009/09/11/dynamic-dns-and-botnet-of-zombie-web-servers/", result.header.location)
+			table.insert(response, string.format("Host appears to be infected (/ts/in.cgi?open2 redirects to %s)", result.header.location))
 		else
-			return true, string.format("Host appears to be infected (/ts/in.cgi?open2 return a redirect)\nSee: http://blog.unmaskparasites.com/2009/09/11/dynamic-dns-and-botnet-of-zombie-web-servers/")
+			table.insert(response, "Host appears to be infected (/ts/in.cgi?open2 return a redirect")
 		end
+		table.insert(response, "See: http://blog.unmaskparasites.com/2009/09/11/dynamic-dns-and-botnet-of-zombie-web-servers/")
+		return stdnse.format_output(true, response)
 	end
 
-	return true, nil
-end
-
-action = function(host, port)
-	local status, result = go(host, port)
-
-	if(status == false) then
-		if(nmap.debugging() > 0) then
-			return "ERROR: " .. result
-		else
-			return nil
-		end
+	-- Not infected
+	if(nmap.verbosity() > 0) then
+		return "Host appears to be clean"
+	else
+		return nil
 	end
-
-	return result
 end