Can a Windows virus transfer to Ubuntu?

Your operating system is neither the first code that executes on your computer, nor is it the code with the highest level of access. Malware loaded into the bootstrap code (including BIOS, video BIOS, RAID BIOS, NIC BIOS, UEFI, UEFI modules) not only will not be erased by installation of a new OS, it can hide itself from detection by the OS (although not perfectly, it will slow things down¹ and timing analysis may be able to detect that).

Only a small fraction of all malware operates at this level, but multiple cases have been documented. Here are just a few examples:

• New BIOS Virus Withstands HDD Wipes

• Blue Pill is the codename for a rootkit based on x86 virtualization

• Rootkit Detection Framework for UEFI^{Way Back Machine} "UEFI has recently become a very public target for rootkits and malware. Last year at Black Hat 2012, Snare’s insightful talk highlighted the real and very significant potential for developing UEFI rootkits that are very difficult, if not impossible, to detect and/or eradicate. Since then, a couple of practical bootkits have appeared."

Also, Stack Exchange site Information Security has several relevant questions:

• How to detect a virus in a network card?

• Viruses on video cards?

To be pedantic, these wouldn't be called "Windows viruses", although they may be carried inside Windows malware which served as the infection vector. And they wouldn't be said to "transfer to Ubuntu". My point is that if you had asked the right question, which I feel is "After formatting my Windows partition and installing Ubuntu, might I continue to be affected by malware?", you would learn that the unfortunate answer is "Yes that is possible."

¹ But malware that infects a coprocessor, such as the Intel Management Engine which has recently come to mainstream attention due to a critical vulnerability in the way Intel does remote authentication would not spend processor cycles. At best it might cause some timing variances due to bus and memory contention. Malware that infects a management subsystem is basically a worst-nightmare scenario, for both detection and removal.

There are a few parts to the answer to your problem:

Threats don't transfer from one OS to another

Threats that work on Windows usually don't work on other OS (there might be some that do, but I have never heard of any) because they both work very differently. That way, a virus that looks for your C:\Windows\System32 folder on windows won't find it on Ubuntu as it doesn't exist.

Threats don't survive a total wipe of your hard drive

If you erase your hard drive and install a fresh Windows on top, any existing threats would have disappeared, as they are just regular programs. I don't know if best buy employees did a simple rollback to factory settings or a full re-install of windows, but in the case of the re-install, you shouldn't have had any remaining problem.

As a conclusion, no, your viruses won't transfer to Ubuntu. However, your problem might be related to hardware problems. If you still have issues with your Ubuntu, you might want to ask support to look at your hard drive and motherboard and see if there is any problem there.

Note: If you still have viruses after a 1st Windows re-install, you should seriously check if websites you visit regularly are not infected or install a better protection software.

No

If you installed Ubuntu over windows and deleted all the Windows files the virus can not spread.

You can get Windows viruses on Ubuntu if and only if you install Windows software via programs like Wine.

Some comments:

1. There are false alerts, too. Virus scanners often use very crude heuristics. For example, when you have multiple virus scanners, they may detect each other as malware, too! And of course, false alerts can easily carry over to other platforms, if you take data with you.

2. In theory, Wine can also be used to run a Windows virus.

3. There could be a virus that has support for multiple platforms. Eventually there will be one, written in JavaScript and infecting Node.js webservers, for example.

4. Some tools scare Windows users, and report every web tracking cookie as a threat.

In practise, I have not heard a convincing report of this happening.

Although I don't know any actual virus that does it, I have to say:

Yes, a Windows malware can do harm under Linux.

Infection of files

Linux does not magically remove viruses. If you use Linux as a file server and the HDD was infected, it will spread the Windows malware although Linux is not affected.

Wine

You can execute windows binaries with wine. Although not every malware might be effective this way, some could still work with wine.

Honeypots / Java

If you have some malware that you don't see as malware, this could work on any system. Let's say you have a game that is a real game at the first glance, but does also use your computer for DOS attacks. You might even make it work on a new system.

An easy way to do this might be Java applets. They work on many systems and Java has lot of security issues.

Another hot candidate might be JavaScript or Flash. Both are available on many systems and you might use sites that deploy this malware (eventually without knowing).

The complicated way

Combined vulnerabilities

Suppose you had Windows and a virus that allowed the attacker to execute arbitrary code. Then the attacker could know vulnerabilities (eventually allowing him to execute arbitrary code when the system gets mounted) of Linux. Of course, he can load this.

MBR viruses

See Boot sector viruses

Note

By the way, I think such questions might be better suited for Information Security Stack Exchange.

I totally disagree with Ploutox's and Alvar's answers.

On one hand:

There would be a virus that can infect both Ubuntu and Windows! Simply the virus search for operating systems and infect them, even it can be more powerful because the virus don't need administrative rights when you use Windows to infect Ubuntu.

In conclusion: there could be a virus that runs on two different systems.

On the other hand:

A simple format should kill all viruses on a hard drive. Antivirus programs are really powerful nowdays.

In general: No

Normally, this is not the case.

Disc wipes

A disc wipe (“format”) is something a virus cannot survive iff done on a clean system (e.g. a booting from a clean Live CD, not an infected system).

Some viruses can be stored in the MBR, though this is a part of the disc that is also often overwritten during OS installation.

However, some viruses can infect the firmware (OpenFirmware, OpenBOOT, BIOS, EFI). That is massively harder to get rid of. Changing the mainboard usually helps. The comments about a clean Live CD (or write-protectable USB stick) from above apply.

Virus transfer

I know of someone who “double-clicked” on an eMail attachment on his SuSE Linux KDE desktop, which “helpfully” (hah…) started the Windows® virus using Wine (a Windows® loader)… and the system integration of Wine was good enough for the virus to be able to read the person's KDE (Linux) address book and spread to their friends.

But that's been quite a while ago, and rare. Although, with all the user-friendliness and focus on getting former Windows® users to convert to Ubuntu®, it would not surprise me if it could still happen.

Still, nothing you should worry about, I think.

The answer is NO

Threats that work on Windows usually don't work on other OS That way, a virus that looks for you folder on windows won't find it on Ubuntu as it doesn't exist or simply as a file or Folder

Main reason is that in windows it will be .exe files which will run as the virus and that format is not supported in other OS.

Though sometimes it may effect wine but don't worry about a crash because of that.

What I am hearing you say is that you had problems with your computer that some program identified as "threats" and that your problems did not go away after a factory reset. I would be concerned as well that the installation of a new operating system might not remove the problems completely.

In short, it is very unlikely that a Windows virus or threat could infect Ubuntu since a Windows virus is typically hidden inside a Windows program and you cannot run Windows programs in Ubuntu (except in Wine or similar). It might possible that a virus inside a Word or Excel file could harm you if you open the file in Libreoffice but these do not generally hide inside hard disk partitions.

The Ubuntu installation should have replaced the boot sector with GRUB, so you should be ok here. If you want to be really sure what partitions are on your hard disk, install GParted and see what's there. If you don't need Windows any more, you can delete these extra partitions. Just don't delete the one that has as mount point / (This is your Ubuntu system)

Do you know how to install a program in Ubuntu?

As with almost everything in the computer world, nothing is impossible - but a lot of things are highly improbable. In theory it is possible to write a Windows virus that will also infect a Linux system but as the two use entirely different architectures and file handling systems, it would be difficult to say the least. As many others have said, if you run some sort of Windows emulation like Wine, then you are running an effective Windows environment and it can be infected. If, as I do, you install both systems with a dual-boot loader (Grub) and choose which one to run at boot-up then any Windows virus cannot transfer from one to the other. I also run a full-featured commercial anti-malware program on my Windows system and have never had an infection find its way past that. From your initial post I'd say that the 'technician' who did the initial check didn't know squat! Your system should have been reformatted and a clean re-install performed; without this it's very difficult to be certain that even regular viruses and trojans are removed. However, even with this, it only needs one infected document, one infected site, or one vicious email and you're back on the same merry-go-round. The good thing is that if you install Linux, these most likely can't infect that.

Best of luck.