This group is used by the user banning features. When a user is banned, the user's group membership gets overridden and the user is now placed in the "Banned Users" group. A web filter policy is needed to block access for the "Banned Users" group, because it's not added automatically.
This group is used when a user is authenticated correctly but the web filter has no information about the users group membership. Directory groups are mapped to local Smoothwall groups, but if a user is not a member of any mapped group, the user's group membership is set to "Default Users".
Any unauthenticated request has "Unauthenticated IPs" in the group field. This goes for any proxy that doesn't require authentication as well as any request to destinations included in the authentication exceptions section of the proxy configuration.