Every piece of malware that could be executed was in fact executed. This resulted in the trace or component files that are also included in the test results PDF. These components or traces include downloader scripts, login items, backdoors and 'listeners' waiting for incoming commands from C&C servers. I'd definitely count them as relevant. Keyloggers, hacking tools etc. can all result in serious damage to the infected person whether it's data loss or financial loss, these tools should not be excluded from any test but taken as serious as other malware.