A real malware modifies the desktop (desktop hijack) and promote the rogue with popups.
Looking into the code, we can see that just after being registered, the rogue removes the malware and its restriction that prevent users to restore the original desktop background. Then it displays the "Register Success" Message box.
