Today I had to check to see if someone ran Profiler and a SQL trace in production without approval. A total no no.
If you query the default trace for that timeframe you will see under application name that SQLProfiler shows up with some numbers after it, I think it was a GUID. But basically there is a way to tell if someone is up in your database tracing your stuff.
Luckily in my case no databases were traced so we didn’t have to do more legwork. But this is a good to know if you ever need to know if it’s there, if you can find the files for the default trace from the timeframe there abouts, then you’ve got a shot to check.