The invention discloses a static trojan horse detection method based on a terminal self-starting item. The static trojan horse method comprises the following steps: establishing an engine analysis model of a system starting item, performing full-periodic starting item change monitoring, performing grey list intelligent analysis on data which is filtered by the engine analysis model of the system starting item, recording the data and storing into respective databanks, performing static scanning detection on the databanks and intelligently analyzing and comparing the databanks. By adopting the static trojan horse detection method disclosed by the invention, the conventional trojan horse searching and killing mode based on a starting item is changed. The conventional trojan horse is detected, searched and killed based on known Trojan horse behavior, and no detection methods are available for unknown trojan horse or trojan horse started based on application; through engine analysis static detection and full-periodic detection on the system starting item, unknown trojan horse can be rapidly judged, and the trojan horse is started based on which starting item or what behavior can be rapidly judged; according to the detected trojan horse, the trojan horse storage position and the relevant files can be detected, and then the trojan horse can be directly and manually searched and killed.