Due to recent malware breaching our current AV toolset I’ve been looking into doing some comparison testing between AV products. I’m going to be performing side-by-side comparisons within VM’s that will have nothing but the AV client on them, with the intention of running them through a gauntlet of dangerous sites to see how many infections they catch, and how quickly they catch them.

My current problem is that it looks like most of the entities online that have a list of malware URLs put them behind a paywall. Is anyone aware of a useful list of infected files or URLs that I can use to test against? Or am I stuck just trawling the dredge of the internet and installing everything that I’m prompted with?

I don’t know of any such lists.

You could always spin up a bunch of internet-facing VMs with XP and unpatched win-7 on them, and see how long each AV software can keep their host alive. That could be a neat experiment.

The only place, OTOH, that offers comparisons between different AVs is VirusTotal, but you would need your own samples of infected files

You might want to look for a DNS that can help filter out malware. Just adding another layer of protection.