in reply to Tracking Kazaa?
if they are your machines and you have administrator passwords you should skip the whole scan the filesystem thing and look for Kazaa* keys in the machines registry.
likewise if it's your network a machine sniffing traffic and logging ports (even inspecting packet data) will give better results. network traffic from P2P apps stick out like a sore thumb regardless of the ports they're configured for.
if you want to stop P2P, lock down the machines and take Administrator password away from users.
In Section
Seekers of Perl Wisdom