I am attempting to retrieve the log-in accounts that are actually visible when Windows first loads (XP, Vista and 7).

I am able to enumerate all accounts (thanks to this code: freevbcode.com), however this particular function enumerates all system user accounts (Administrator, Guest, HomeGroupUser$, LogMeInRemoteUser, etc.) whether they appear on the log-in screen or not. How do I distinguish between visible and not-visible accounts?

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList has a list, read the DWORD there and bitwise AND it with 1, if that is <> 0 (or there is no entry at all for the username) then the account is visible on the Welcome Screen

(Note: That registry key and the meaning of the dword value is undocumented AFAIK)