Can't restore on windows Seven because of sfi.dat

Hi all,

Someone reports me a bug when you try to restore your system on Windows Seven or Vista.

I try it and, i can reproduce it. Apparently it’s caused by sfi.dat, see attached screen.

“System restore failed to extract …\sfi.dat file from the restore point”

[attachment deleted by admin]

Known problem. You can work around it by starting Win 7 from the installation DVD and running system restore from there. Then it will work.

It’ll be fix or that will the only way to restore ?

It is not a fix. The fix will have to come from Comodo.

I probably write wrong. Sorry for my bad english :-
I mean, Comodo plan to fix it or no or you don’t know ?

I don’t know if Comodo is going to fix it. It is reported here in the bug boards so they have seen it. It is now up to Comodo.

All we can do is sit and wait.

Ok, thanks for your answers :wink:

I am having the same problem, can’t use restore. This seems to be a recent issue as I have used restore “plentifully” in December while I was debugging Win7 and various drivers on this tablet. I have tried turning Comodo completely off and doing restore, but it has the same error.
I have a recovery partition (w/ Vista) which normally shows up as D: When I boot from the Win7 DVD it can’t find a partition to restore from. MS advise is to boot from the desired partition and restore from there. Well duh.

Anyway, before I go down this road, if I remove Comodo, will I get my restore points back? When I remove Comodo, what other issues do I need to be aware of, what other files might not be accessible and then there is no Comodo to get rid of them w/ quarentine?

Is there some secret to using a Win7 DVD and or the command prompt or something to solve this and still keep those restore points? Coz I really really don’t want to go back a whole month and I know the problem lies between Christmas and the first week in Feb.


I think when using either the Win 7 or Vista installation DVD (this doesn’t work when using a restore DVD that come with many OEM build machine) you need to choose not to let the set up try to fix it automatically but choose to try it your self. Then you will get a screen with, I think, four options. Then choose System Restore.

I hope the above is clear enough. It is not something I do every day.

OK, I don’t want to beat the restore issue more than necessary coz it doesn’t seem to be an option. I would rather address q1) if, by removing comodo, I get my restore points back and Q2) when I uninstall comodo, what else I need to be concerned about like not being able to remove sfi.dat with the quarantine feature (since it won’t be installed anymore). With a definitive answer to the second question, I’m happy to go experiment with q1 as time permits.

The win7 is not broken but has driver conflicts btwn comodo update, winsec updates, hp updates, all which did not exist b4 Jan 1, but do now. I would go backwards through successive restores until I find the cultprit - if I could. This comodo issue is a show stopper for me, so I am not upset about uninstalling it. However I don’t want it to leave things (files, registry entries) that will continue to cause problems, which I suspect it will.

On the restore issue, I have been searching and trying various options all day. Essentially, here is what happens:

  1. boot from win7 (ultimate full version) dvd
  2. 2 options, repair or install, select repair
  3. get a menu with system recovery options, which is overlayed with a diagnostic that searches for windows installations. It finds c:windows. Select use recovery to fix win 7 on c:, then select restore from an earlier image.
    RESULT: Win says it can’t find a system image. OK, cancel out of that… no other options.
  4. On the next (remaining would be more accurate) screen there are the following options:
    a) repair
    b) restore system
    c) image recovery
    d) memory diagnostics
    e) command prompt

I think this is the menu you reference. From here, I have tried two options:
Select restore, then select restore from an earlier image.
RESULT: Win can’t find a system image (the screen that had the win7 on c: before, now has nothing)
Select command prompt and use rstrui from x: and from c:
RESULTS: Win can’t find a system image (the screen that had the win7 on c: before, now has nothing)

If I use system restore after starting win7 on the c: partition, I get the can’t find sfi.dat file, and by the way, if you select to let windows determine what programs might need to be reinstalled (after it comes back and tells you system restore didn’t work an nothing was changed - but also give you the option to undue the restore - duh?) it only finds comodo. This is the first time win has identified comodo as a program that might need to be reinstalled so I am highly suspecting that the latest update of Comodo, which was in Feb, is a key component in this problem. Don’t know what sfi.dat does, but win7 knows something is wrong. Would be nice if I could restore to a point b4 the comodo update. Alas, doesn’t seem to be an option as currently configured. And that is what has led me to the questions I began with in this post.

Thanks for responding, I appreciate your assistance. I don’t want to seem to be arguing, I am just trying to give you all the information I have, for what it’s worth. I have regrettably acquired a lot of experience with restore as well as driver conflicts since win7. Fortunately, this isn’t a computer I rely on. Too bad HP doesn’t care. Too many tablet options coming to market this year for me to continue doing HP’s work, tho.

Best wishes


If you try in safe mode, it works.

Sfi.dat belongs to Stateful Inspection of the AV and it is locked when Windows is running.

Hi.I try to restore system but it fail and tell me that "System restore failed to extract the file (C:\Windows\System32\drivers\sfi.dat)from the restore point.An unspecified errorr eccorred during System Restore. (0x80070005).I try to another restore point but it shown me up the same error.What i should do to complete successfully the system restore?

As far as I know, this happens with all versions of Windows. I know it does for me with XP.

As a workaround start from the Installation DVD of Vista or Win 7 and choose to repair and then click to use System Restore.

With some systems System Restore is part of the screen that pops up upon booting after Windows crashed or was improperly shut down. Try starting it from there.

I believe it’s a system specific thing. As I (and others) have mentioned in various threads, system restore functions as it should. (I’m running Win XP Pro SP3) So there is more going on than it simply being an issue with sfi.dat. If the problem was merely the sfi.dat file, the restore issue would affect everyone, not just some people.

there is a workaround to this problem try system restore from safe mode.

It works correctly thre problem related to sfi.dat does not appears there.

another workaround is to add administrator to list of users with full permission on sfi.dat.



The sfi.dat is locked because it is a Comodo file. It holds the information from the AV’s Stateful Inspection. I guess when people put the AV to On Access or don’t use the AV they will not have problems.

I run the AV in stateful mode and do not have any problems with system restore.

Ty for your replyies.i will try to do a system restore from safe mode and then from the boot dvd if tha safe mode does not work.