System Log "forensics" - Unauthorized device added - Hacked?

Macbook Pro 2011 15" OS 10.7.5

I've had some security issues as of late. Aside from Little Snitch and Wireshark usage, I discovered that a device was added to the System Preferences => Network as a "modem" if I recall correctly (usually the left window shows WiFi, Ethernet and Firewire). I promptly removed it - it was a knee-jerk reaction. It was a Samsung something or other. Only after did I start using Little Snitch and Wireshark to see if I could locate the intrusion and potential traffic. Anyhow, to make this short, I will omit extraneous details...

What I am wanting to do, if possible, is to search any log files, system or otherwise, to see if I could locate an instance of this intrusion, this device being added. Just in case I need proof that another device accessed my internet via illegal means, should the information they surfed online might be illegal or warrant investigation of ME.

Thank you - please let me know if you need any other information from me.

 

Not that I am aware of, via cable. Could POSSIBLY have been done while I left the room (with guests - but that's... paranoid thinking, right?). Bluetooth... has been rarely on. All settings should be (or at least should have been) set to "ask to join..." or even OFF. Remember Networks? Hmm... now that, I thought, was more for my own wireless access points (coffee shop, home, work, hotel, etc). Hmm. So.

Yes, since then, wireshark and LS have shown some things (after the fact - were not on during the incident, unfortunately) ... brute force, for one. I believe blocked. IP stored... but I don't think that has anything to do with this? I just basically want to know where, in the macbooks logs, I can locate that this device was added - for record purposes, mostly.

 

Thanks, but this does not answer my question. Do you have a solution to my question? And YEAH... I'm going to. Just backed all of my important files up. This is the LAST freakin' step before I make the jump. So please, if you have information on how I can locate the device being added in the LOG files, that would be great. Not some kind of snarky advice.