Registry-virtualization-detection
VMware registry keys
Here is an example of malware that detects the presence of VMware through its registry keys (present when VMware Tools is installed). As a consequence, the malware removes itself and stops executing.
In the above example, removing the HKLM\SOFTWARE\VMware, Inc registry key bypasses the protection.
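For triage on the analysis side, the behaviour described above (a successful probe of the VMware key, followed by file deletion and process exit) can be picked out of a Process Monitor CSV export. This is an added example, not part of the original page; the function name `find_vm_check_exits` is hypothetical and the log lines are constructed and simplified.

```python
import csv
import io

# Key named on the page; prefix match so subkeys under it are also caught.
VMWARE_KEY = r"hklm\software\vmware, inc"

# Constructed, simplified Procmon-style CSV export (not a real capture).
SAMPLE_LOG = r'''"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"10:00:01.100","sample.exe","2044","RegOpenKey","HKLM\SOFTWARE\VMware, Inc.\VMware Tools","SUCCESS","Desired Access: Read"
"10:00:01.150","sample.exe","2044","SetDispositionInformationFile","C:\Users\lab\sample.exe","SUCCESS","Delete: True"
"10:00:01.200","sample.exe","2044","Process Exit","","SUCCESS","Exit Status: 0"
"10:00:02.000","vmtoolsd.exe","1500","RegOpenKey","HKLM\SOFTWARE\VMware, Inc.\VMware Tools","SUCCESS","Desired Access: Read"
"10:00:03.000","other.exe","3100","RegOpenKey","HKLM\SOFTWARE\VMware, Inc.","NAME NOT FOUND","Desired Access: Read"
"10:00:03.500","other.exe","3100","Process Exit","","SUCCESS","Exit Status: 0"
'''

def find_vm_check_exits(log_text):
    """Return {pid: info} for processes that found the VMware key and then exited."""
    probed = {}    # pid -> info, recorded once the key was opened successfully
    findings = {}  # pids that exited after a successful probe
    for row in csv.DictReader(io.StringIO(log_text)):
        pid, op = row["PID"], row["Operation"]
        if (op in ("RegOpenKey", "RegQueryValue")
                and row["Path"].lower().startswith(VMWARE_KEY)
                and row["Result"] == "SUCCESS"):
            probed.setdefault(pid, {"process": row["Process Name"], "deleted": []})
        elif pid in probed and op == "SetDispositionInformationFile" \
                and "Delete: True" in row["Detail"]:
            probed[pid]["deleted"].append(row["Path"])
        elif pid in probed and op == "Process Exit":
            findings[pid] = probed[pid]
    return findings

if __name__ == "__main__":
    for pid, info in find_vm_check_exits(SAMPLE_LOG).items():
        print(f"PID {pid} ({info['process']}): VMware key found, "
              f"deleted {info['deleted']}, then exited")
```

In the constructed log, `other.exe` is not flagged because its probe returned NAME NOT FOUND, which is the situation after the key has been removed from the analysis VM.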