Airmagnet laptop is a wonderful tool for this and it will even find them for you as well.
You do have to walk the entire building or whatever, but you will find every one of them that is turned on.
When you do find one yank it out of the wall and bash it with a hammer and leave the pieces on the offenders desk. Then send a memo out that any future attempts to compromise the network will result in the death penalty. You can modify this tactic for your specific situation but education of why its bad and fear of reprocussions is the only way to stop it.
if you are not looking to implement your own wireless network then you can look towards a few different companies that sell wireless "sensor" aps that tie back to a server, they offer wireless scanning of rogue devices as well as wired scanning and have the capability of doing an automatic shut on the physical switchport of the offending device. Airmagnet which was mentioned previously has their Enterprise Server solution and there is also Air Defense. There are also some other companies but those are the top 2 players.... if you are interested in deploying your own wireless infrastructure then i would look toward controller based to get the dual feature set.
Not to be the lazy guy in this thread, but if you do not have any sort of wireless presence just take a look at "SwitchMap" its an open source piece of software. Goes out and grabs the mac addresses of whats connected to your switches... Check it daily or setup a script to do it for you... And there you have a cheap, easy, and lazy solution. =)