Trojan program activities have not only brought about in criminal activities but also pose a challenge to law en-forcement agencies. Digital forensic practitioners are increasingly facing situations in how to conduct a forensic analysis. Due to the increasing use of Trojan programs by hackers, Trojan defense is likely to become more popular than before. This study reviews a digital forensic report of Trojan defense case of Train Ticket Scalping in Taiwan. This study also presents a RPC (Review, Pinpoint, and Clarify) strategy for exploring and analyzing evi-dence-relevant data. This strategy is potentially useful for Trojan defense data sets and evidence quality review.
Key Words : Trojan defense;auditing logs;advanced persistent threats;digital forensic report; quality review