cpuid or vmcpuid... I'm not happy wit...

[Th4nat0s]

You state; 

for cpuid
Checking the CPU ID found within the registry can provide information to what kind of system you are running.

and for vmcpuid that is an instruction set.

so; 
Nop, the CPUID is an instruction at cpulevel (bytecode 0FA2), where you may ask for many informations about the running cpu, it is available since Pentium. You may retrieve the brand of the CPU or the Hypervisor when you request the leaf information 0 through the register EAX. Then the result is a string put in EBX, EDX, ECX where it is possible to see the brand of the cpu or the virtualisation in place.

Here some strings that are available across some plateforms.

KVMKVMKVM for KVM
"Microsoft Hv For Hyper V
VMwareVMware fro Vmware

GenuineIntel for a Intel CPU

Sniplet to validate an IntelCpu, this small code, will return if intel is not detected.

%ifdef NOSB_INTELONLY
mov eax,0
cpuid
cmp edx,0x49656E69
je _isintel
ret
_isintel:
%endif

Of course the setup of the hypervisor may be tweaked to simulate genuine cpu.

And yes you may check such result in the registry also ( as stated in cpuid documentation )

[fr0gger]

Thanks a lot please find the technique updated here: https://unprotect.it/technique/cpuid/

Also check the code description. :)