Botnets have become major threats to the security of the Internet. By implanting malicious bots into computers owned by ordinary users through social engineering tricks, attackers are able to remotely control victim computers to carry out malicious or disturbing operations, such as DDOS attack, or spam mail delivery. Many mechanisms have been proposed to defend against botnets that are controlled through specific command nodes. The strategy adopted by these mechanisms focuses on identifying the command node and blocking messages sent from it. However, the same idea is not applicable to the recently evolved P2P botnets since any member in a P2P can take the role of a command node. Therefore, new mechanism is needed to defend against P2P botnet. In this paper, we proposed an adaptive defense mechanism against P2P botnets. Through identifying victim computers within a network environment via multistage monitoring first and with stopping potential malicious operations follows, attackers can no longer utilize victim computers to perform malicious operations.