With Virtualbox and VMWare, the USB passthough is possible, but it would be safest to 'encapsulate' your viruses inside iso cd images, and attach the iso as a virtual cd within the VM. Another safeguard may be to zip up the viruses/infected files with a password encoded zip, the way we used to send off our "in the wild" viruses to the antivirus companies.
Email could also be used as a vehicle for zipped attachments. You can always stop TCP/IP with the IPCONFIG /release, and restart with the /renew switch in the VM.
I would not feel safe using Windows VPC with it's integration features , or the Virtual machine additions etc of the other two enabled for sandbox work.