Some customers stranded by a flawed BitDefender antivirus update that crippled their computers have demanded refunds and compensation for money spent fixing their PCs, according to messages on the company's support forum.
The Saturday update quarantined hundreds, sometimes thousands, of legitimate files on Windows 64-bit systems, including those with .exe, and .dll extensions, making it impossible to boot affected computers once they had been powered off.
BitDefender acknowledged the problem the same day, and released a patched update and workaround instructions Sunday. Among the workarounds was a complicated procedure that required users to download a repair disk and burn it to a CD or DVD that would then be used to boot the PC so that the owner could reverse the rogue quarantining of critical files.
Users were understandably angry at BitDefender's foul-up, and some demanded compensation for the time, money and trouble it took them to regain control of their machines. They kicked off a thread on BitDefender's support forum that as of mid-day Tuesday ran 14 pages, and included more than 270 messages.
Several asked for extensions to their current BitDefender licenses, but most dismissed that as insufficient, and instead demanded a full refund or more.
"I just want a refund. Why would I want a free license key when the program that was supposed to be protecting my computer infected it? That would be stupid," said a user identified as "jimwhite99" in a message Saturday.
"I would like my money back at least," added "ahumpage" on the same thread. "I have removed BitDefender from my PC and will never use one of their products again. This error is inexcusable. Exactly how was this update tested before it was sent to unsuspecting customers?"
Some users defended BitDefender, but they were clearly in the minority. "I am NOT saying they are not responsible," said "L.o.D." yesterday. "But the fact remains that a lot of you are coming off as if they did it on purpose."
"I think at the very least there should be a number of remedies available to affected users," said "NesralNeets" Monday before ticking off three possible remedies: compensate users for the money they spent fixing their PCs, offer a full refund, or extend users' licenses by at least a year. "BitDefender needs to take corporate responsibility seriously to restore confidence in its product/company. They can do that by treating and compensating their customers fairly."
Vitor Souza, BitDefender's global marketing director, said that is what the company is trying to do. "We're really looking for a solution," he said in an interview today when asked whether BitDefender would compensate affected users, and if so, how. "Each case is different and unique, and we're addressing each individually."
Later in the conversation, he acknowledged that BitDefender had offered refunds and license extensions to users who asked for them.
"The number of affected users is very small, a few hundred worldwide," Souza claimed. "We have reached out to the customers and answered their requests," he added.
But according to users, BitDefender hasn't yet reached everyone. "I [am] still waiting for BD response to my complaint on the refund," said "lorddraco" earlier today. "Nearly 24 hours...no response."
BitDefender is also still trying to puzzle out the root of the problem, acknowledged Souza. "We're coming very close to understanding it," he said, adding that a mistake in the process BitDefender uses to prep an antivirus update was apparently to blame.
"In the short term, today, this week, there will be some negative," Souza admitted, referring to the backlash over the snafu. "But we can definitely bounce back."
BitDefender isn't the first antivirus company to issue a damaging update, or to compensate its users. In 2005, Trend Micro released a flawed signature update that slowed PCs to a crawl. Within days the company announced it would reimburse users for all repair costs.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer or subscribe to Gregg's RSS feed . His e-mail address is firstname.lastname@example.org .
Read more about security in Computerworld's Security Knowledge Center.