4 commodity software, and 5 Botnet malware. We also experiment with vanilla DTA and DYTAN's DTA, which demonstrate under-tainting and over-tainting problems, respectively. We evaluate the experimental results on two criteria: the number of tainted instructions, and tainting intensity. The evaluation shows that our system propagate taint marks to the control-dependent data for all 9 programs, and does not cause over-tainting problem. Although there are some discussions, we hope our approach will contribute to the software testing and malware mitigation.