Hiding a window from the Taskbar using WS_EX_TOOLWINDOW

A window can be hidden from the Taskbar by adding the WS_EX_TOOLWINDOW extended style. As a side-effect, this changes the window frame, but that may not be a problem. When modifying an already existing window, that window needs to be hidden and then showed again for the modification to take effect.

One application can easily do this to a window of another application. For example, here is a bit of code for doing this to Windows Live Messenger:

HWND hw = FindWindow("MSBLWindowClass", NULL);
if (hw == NULL) {
 printf("Window not found.\n");
 return -1;
}
ShowWindow(hw, SW_HIDE);
SetWindowLongPtr(hw, GWL_EXSTYLE,
              GetWindowLongPtr(hw, GWL_EXSTYLE)
              | WS_EX_TOOLWINDOW);
ShowWindow(hw, SW_SHOW);

It works well, but the code has to be run every time the window is created. It's better to actually create the window with WS_EX_TOOLWINDOW, but that requires a bit more work. The simplest way is to intercept the function which the application uses to create windows. Detours provides an easy way to do this. For example, to hide the Windows Live Messenger window, intercept CreateWindowExW. The intercepting function just needs to do the following before calling the real function:

if ((((DWORD)lpClassName) & ~0xFFFF) != 0 &&
 !wcscmp(L"MSBLWindowClass", lpClassName)) {
 dwExStyle |= WS_EX_TOOLWINDOW;
}

I don't recommend patching of binaries. It's more difficult to understand program flow and devise a patch, and some applications would make it even more difficult via packing and anti-debugger techniques. Patching also needs to be re-done when the application is updated. In this case, it only makes sense as a reverse engineering training exercise. One hint: a Win32 API monitoring program such as WinAPIOverride32 can easily find the location of the call.