You may have a compromised host as it appears a computer on your network is making requests to known Malware domains. First you need to find out which hosts are making these requests. Analysis->Intrusion Events should show you the events in question. (Be aware that it may show your local DNS server making the request on behalf of a host and not the original client who is compromised that made the request.) After locating which IPs are compromised you should wipe those PCs/Servers or at the very least clean with AV (though the later may leave undetectable software installed.)
Look for the "Inline Result" column. A dark down arrow will show if it dropped the traffic. A light down arrow will show if it would have dropped the traffic if "drop when inline" was enabled on your Intrusion policy. You can highlight your mouse over the arrow to read what it did.