Dear, good day.
Performing some tests a few days ago based on the operation of virtual machines performed the test regarding the transfer of files from virtual machine to real machine and vice versa.
Aware that when it comes to attacks on companies 80% of them occur within the same company was able to observe that XP Mode (virtual machine with Windows XP OS) can seamlessly receive data transfer etc. to copy a real machine.
Most of the competitors tested antivirus did not detect an intrusion of this type of transfer (copy) to the real machine as treating infection. Can not have this new code in its database or not but it was done and still leaving in fact the same as treating process network.
The test was conducted using a backdoor to open a specific port (15) and make a "Reverse Shell".
Some just because it was only identified with this code in its database to 2 days only but not detected and started to treat this code as the normal PC...