Malware (Malicious Software) of Windows OS has become more sophisticated. To take some countermeasures for recent infection, more intelligent and automated system log analysis is necessary. In this paper we propose an automated log analysis of infected Windows OS using mechanized reasoning. We apply automated deduction system for gathering events of malware and extract the behavior of infection over large scale system logs. In experiment, we cope with four kinds of resolution strategies to detect the malicious behavior. It is shown that automation of analyzing system logs is possible for detecting actual malicious software.