I know that I just need to trust the NIS 2010 smart firewall and let it do it's thing.

But I throws me off why firewall rules seem to get created automatically

for things (and these are things in the last few days)such as:

Spooler SubSystem App

Windows Explorer ( not iexplore)

Local Security Authorithy Process

Why would these need to access the internet??

These rules seem to indicate that they are created for outbound purposes