  • Degree thesis

Botnet and Malware Detection from a Network Management Perspective

Botnet and Malware Detection from a Perspective of Network Management

Advisor: 陳彥錚

Abstract


In recent years the rapid growth of the Internet has also led to the fast spread of malware such as viruses, worms, Trojan backdoors and spyware. Such malware can even be remotely controlled, turning the infected machine into a bot, and many bots are assembled into a botnet. The botnet controller (BotMaster) can then use a C&C (Command and Control) server to send commands that direct multiple bots to carry out distributed denial-of-service (DDoS) attacks, send spam, steal data from personal computers, or earn illegal profit through advertising. To detect botnets and malware, researchers have studied a range of detection techniques: installing monitoring agents that observe a host's network connections and processes; using virtual machines and honeypots to monitor botnets; collecting network connection information to observe the anomalous behaviour and characteristics of botnets and malware; and using a Honeynet to collect botnet connection information together with an intrusion detection system (IDS) for monitoring and analysis. Effective detection of botnets and malware is therefore an extremely important issue today. To detect botnets and malware effectively in an enterprise or campus network, this thesis proposes a detection technique that combines host-based and network-based methods. An SNMP event notification (trap) reveals when a monitored computer boots, and dynamic polling is then performed: using the standard SNMP MIB-II objects and the Host Resources MIB objects built into personal computers, network connection information and the list of currently running processes are collected during a period after boot, and black/white lists are used to detect anomalous processes belonging to botnets and malware; NetFlow traffic analysis is then performed afterwards. In addition, for botnets and malware that use the Fast-Flux model, reverse DNS lookups are performed on NetFlow traffic information collected in real time to achieve effective detection.

English Abstract


With the rapid growth of Internet technology, viruses, worms, Trojans and spyware spread widely, and malware that can be remotely controlled turns an infected host into a bot; bots are united into a botnet. A BotMaster commands multiple bots through a C&C server to launch DDoS attacks, send spam, steal personal information, or gain illegal profit through advertisements. To detect botnets and malware, researchers have conducted extensive work, including installing software to monitor network connections and processes, observing the anomalous behaviour and features of botnets and malware by capturing connections in VMware and honeypot systems, and gathering and analysing botnet connections with a Honeynet and an IDS. Effective detection of botnets and malware has thus become an urgent issue. Aiming at effective detection of botnets and malware in an organization or campus network, this thesis proposes a combined host-based and network-based detection scheme. By taking advantage of SNMP notifications, the scheme learns when a computer has been turned on, and dynamic polling can be started immediately. Monitoring SNMP MIB-II and Host Resources MIB objects then collects information on network connections and current processes within a certain period right after the notification is received. Black/white lists are applied to the collected processes to identify anomalous processes of botnets and malware, and afterwards NetFlow traffic analysis provides more detail on suspected traffic flows. For detection of fast-flux bots, reverse DNS queries are applied to traffic collected in real time by NetFlow, giving better detection results.
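The two steps described in the abstract, as an added example that is not code from the thesis: it works on constructed hrSWRunTable rows, constructed NetFlow destination addresses and constructed reverse-DNS answers, and the fast-flux rule (a name whose addresses fall in several different /24 networks) is my own simple heuristic rather than the thesis's criterion.

```python
from collections import defaultdict
from ipaddress import ip_network

# Constructed sample data, not taken from the thesis. HR_SW_RUN mimics rows of
# the Host Resources MIB hrSWRunTable (hrSWRunIndex, hrSWRunName, hrSWRunPath)
# polled shortly after a boot trap; NETFLOW_DST are destination IPs from
# NetFlow records; RDNS holds the PTR answers a real collector would look up.
HR_SW_RUN = [
    (1, "svchost.exe", "C:\\Windows\\System32"),
    (2, "outlook.exe", "C:\\Program Files\\Office"),
    (3, "svchost.exe", "C:\\Users\\Public\\tmp"),  # known name, unexpected path
    (4, "wuauc1t.exe", "C:\\Users\\Public\\tmp"),  # name on the blacklist
]
WHITELIST = {("svchost.exe", "C:\\Windows\\System32"),
             ("outlook.exe", "C:\\Program Files\\Office")}
BLACKLIST = {"wuauc1t.exe"}

NETFLOW_DST = ["203.0.113.7", "203.0.113.8", "203.0.113.9",
               "198.51.100.10", "192.0.2.45", "203.0.113.77", "198.51.100.10"]
RDNS = {  # hypothetical names; documentation IP ranges only
    "203.0.113.7": "www.example.test", "203.0.113.8": "www.example.test",
    "203.0.113.9": "www.example.test", "198.51.100.10": "flux.example.test",
    "192.0.2.45": "flux.example.test", "203.0.113.77": "flux.example.test",
}


def classify_processes(rows, whitelist, blacklist):
    """Host-based step: match each running process on name *and* path.
    Blacklisted names win; anything not whitelisted is left for review."""
    verdicts = {}
    for idx, name, path in rows:
        if name in blacklist:
            verdicts[idx] = "black"
        elif (name, path) in whitelist:
            verdicts[idx] = "white"
        else:
            verdicts[idx] = "unknown"
    return verdicts


def fast_flux_candidates(dst_ips, rdns, min_prefixes=3):
    """Network-based step (my heuristic, an assumption): group NetFlow
    destinations by reverse-DNS name and flag names whose addresses are
    spread over at least min_prefixes distinct /24 networks."""
    prefixes = defaultdict(set)
    for ip in dst_ips:
        name = rdns.get(ip)
        if name:  # unresolvable addresses are skipped, not flagged
            prefixes[name].add(ip_network(f"{ip}/24", strict=False))
    return sorted(n for n, nets in prefixes.items() if len(nets) >= min_prefixes)
```

Process 3 shows why the whitelist keys on name and path together: a copy of a trusted name running from an unexpected directory is reported as unknown rather than passed.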

Keywords

Botnet, Malware, SNMP, Host Resources MIB, NetFlow, Fast-Flux


Cited by


洪祐民 (2017). A Study of an Inspection and Management Mechanism for Machining Tools of CNC Machine Tools [Master's thesis, National Taichung University of Science and Technology]. Airiti Library. https://www.airitilibrary.com/Article/Detail?DocID=U0061-1008201707505400
