if they are your machines and you have administrator passwords you should skip the whole scan the filesystem thing and look for Kazaa* keys in the machines registry.

likewise if it's your network a machine sniffing traffic and logging ports (even inspecting packet data) will give better results. network traffic from P2P apps stick out like a sore thumb regardless of the ports they're configured for.

if you want to stop P2P, lock down the machines and take Administrator password away from users.