Navigation section

Update failed: Cumulative Update for Windows 11, version 25H2 for x64-based Systems (KB5070773) (26200.6901)

Understood — I’ll wait.
Enjoy your dinner — ping me when the install finishes and I’ll parse the results.
 

C:\Windows\System32>dism /Online /Get-Packages | findstr /I "KB5043080 KB5070773"

C:\Windows\System32>DISM /Online /Add-Package /PackagePath:"C:\Scratch\windows11.0-kb5070773-x64_b235da912270f84b761402e9511000a4f500b4ac.msu"

Deployment Image Servicing and Management tool
Version: 10.0.26100.5582

Image Version: 10.0.26200.5670

Processing 1 of 1 - Expand
[==========================100.0%==========================]
[===========================73.0%========== ]
An error occurred - C:\Scratch\windows11.0-kb5070773-x64_b235da912270f84b761402e9511000a4f500b4ac.msu Error: 0x800f0991

Error: 0x800f0991

DISM failed. No operation was performed.
For more information, review the log file.

The DISM log file can be found at C:\WINDOWS\Logs\DISM\dism.log

C:\Windows\System32>
 

Thanks — good work so far. Summary of what I see:
  • You successfully installed the prerequisite KB5043080 from the Scratch folder.
  • After reboot, KB5070773 still fails during DISM /Add-Package with Error 0x800f0991 (commit/LCU apply failure). That pattern (SSU/LCU ordering or commit error after expand) is common and the usual next steps are the small log captures, trying the extracted CAB install, or, if needed, an in‑place repair.
What I recommend next (pick one; I’ll follow whichever you choose)
Option A — Give me the focused logs so I can parse the exact failure (recommended)
1) Pause Kaspersky and turn Controlled Folder Access OFF while you do this.
2) Run these four commands from an elevated PowerShell (they create small files on your Desktop):
Select-String -Path "$env:windir\Logs\DISM\dism.log" -Pattern '0x800f0991','Error','HRESULT','Failed' -CaseSensitive:$false -Context 3,8 | Out-File "$env:USERPROFILE\Desktop\dism_err_excerpt.txt"
dism /Online /Get-Packages > "%USERPROFILE%\Desktop\Packages_full.txt"
Select-String -Path "$env:windir\Logs\CBS\CBS.log" -Pattern 'KB5070773','0x800f0991','error' -Context 3,8 | Out-File "$env:USERPROFILE\Desktop\CBS_excerpt.txt"
Get-WindowsUpdateLog -LogPath "$env:USERPROFILE\Desktop\WindowsUpdate.log"
3) Attach those four files here and I’ll parse them and give the single exact remedial command (for example: install a missing SSU, apply the CAB directly, or run DISM with a local source). This targeted-log approach is the fastest way to a one-line fix.
Option B — Try the CAB route now (one-step attempt)
(If you prefer to act immediately instead of sending logs.
1) Extract the KB5070773 MSU and install the contained .cab directly (this bypasses the MSU expand/commit path that sometimes fails):
mkdir C:\Scratch\KB5070773_extracted
expand -F: "C:\Scratch\windows11.0-kb5070773-.msu" C:\Scratch\KB5070773_extracted
Find the *.cab inside, then (elevated):
DISM /Online /Add-Package /PackagePath:"C:\Scratch\KB5070773_extracted\<name>.cab"
2) If that succeeds, reboot and verify with:
dism /Online /Get-Packages | findstr /I "KB5070773"
Installing the CAB directly is a common workaround for MSU/expand/commit issues.
Option C — If both of the above fail: in‑place repair
If logs and CAB install don’t resolve it, the surefire next step is an in‑place repair (run a matching Windows 11 ISO / Setup → “Upgrade this PC now” → keep files + apps). This repairs the servicing stack and resolves stubborn 0x800f0991/servicing commit failures. I’ll walk you through that step‑by‑step if we get there.
Why I’m asking for logs first
  • 0x800f0991 can mean several different root causes (missing SSU, WinRE/EFI write failure, BitLocker/AV blocking the commit, or servicing stack corruption). The small DISM/CBS/WindowsUpdate excerpts show the exact failure code and handler messages so I can tell you the single correct fix rather than guessing.
Your call — which do you want to do now?
  • Reply “Logs — I’ll attach” and attach the four files (dism_err_excerpt.txt, Packages_full.txt, CBS_excerpt.txt, WindowsUpdate.log) and I’ll parse them immediately.
  • Or reply “Try CAB” and I’ll assume you want to extract/install the CAB now and wait for your DISM output.
  • Or reply “In‑place repair” if you want to skip the logs and go straight to the repair path.
I’ll stand by and parse whichever you choose.
 

Logs - I'll attach.

Windows PowerShell
Copyright (C) Microsoft Corporation. All rights reserved.
Install the latest PowerShell for new features and improvements! Installing PowerShell on Windows - PowerShell PS C:\WINDOWS\system32> Select-String -Path "$env:windir\Logs\DISM\dism.log" -Pattern '0x800f0991','Error','HRESULT','Failed' -CaseSensitive:$false -Context 3,8 | Out-File "$env:USERPROFILE\Desktop\dism_err_excerpt.txt" PS C:\WINDOWS\system32> dism /Online /Get-Packages > "%USERPROFILE%\Desktop\Packages_full.txt"
out-file : Could not find a part of the path 'C:\WINDOWS\system32\%USERPROFILE%\Desktop\Packages_full.txt'.
At line:1 char:1
+ dism /Online /Get-Packages > "%USERPROFILE%\Desktop\Packages_full.txt ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : OpenError: (:) [Out-File], DirectoryNotFoundException
+ FullyQualifiedErrorId : FileOpenFailure,Microsoft.PowerShell.Commands.OutFileCommand

PS C:\WINDOWS\system32> Select-String -Path "$env:windir\Logs\CBS\CBS.log" -Pattern 'KB5070773','0x800f0991','error' -Context 3,8 | Out-File "$env:USERPROFILE\Desktop\CBS_excerpt.txt"
PS C:\WINDOWS\system32> Get-WindowsUpdateLog -LogPath "$env:USERPROFILE\Desktop\WindowsUpdate.log"

Getting the list of all ETL files...

Please wait for all of conversions to complete...


================ Results from WULog_0 ================

Input
----------------
File(s):
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251016.083115.031.3.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251016.231602.094.1.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251016.231602.094.2.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251016.231602.094.3.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251016.231602.094.4.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251016.231602.094.5.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251016.231602.094.6.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251016.231602.094.7.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251017.012726.981.1.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251017.020522.747.1.etl

100.00%

Output
----------------
DumpFile: C:\Users\rupes\AppData\Local\Temp\WindowsUpdateLog\wuetl.XML.tmp.ce894417-7a3d-4e0f-bedb-6fa7bd14ddb4.00000
Warning:
Some events do not match the schema.
Please rerun the command with -lr to get less restricted XML dump
The command completed successfully.

==================================================


================ Results from WULog_1 ================

Input
----------------
File(s):
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251017.021814.571.1.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251017.040412.641.1.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251017.095804.092.1.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251017.102056.246.1.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251017.103515.110.1.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251017.164938.872.1.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251017.164938.872.2.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251018.061621.640.1.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251018.061621.640.2.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251018.061621.640.3.etl

100.00%

Output
----------------
DumpFile: C:\Users\rupes\AppData\Local\Temp\WindowsUpdateLog\wuetl.XML.tmp.ce894417-7a3d-4e0f-bedb-6fa7bd14ddb4.00001
Warning:
Some events do not match the schema.
Please rerun the command with -lr to get less restricted XML dump
The command completed successfully.

==================================================


================ Results from WULog_2 ================

Input
----------------
File(s):
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251018.061621.640.4.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251018.061621.640.5.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251018.061621.640.6.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251018.061621.640.7.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251018.064929.527.1.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251018.064929.527.2.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251019.084743.136.1.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251019.084743.136.2.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251019.084743.136.3.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251019.124222.627.1.etl

100.00%

Output
----------------
DumpFile: C:\Users\rupes\AppData\Local\Temp\WindowsUpdateLog\wuetl.XML.tmp.ce894417-7a3d-4e0f-bedb-6fa7bd14ddb4.00002
Warning:
Some events do not match the schema.
Please rerun the command with -lr to get less restricted XML dump
The command completed successfully.

==================================================


================ Results from WULog_3 ================

Input
----------------
File(s):
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251019.125732.477.1.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251020.012027.987.1.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251020.013102.628.1.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251020.023241.384.1.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251020.034848.447.1.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251020.184341.395.1.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251020.184341.395.2.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251020.184341.395.3.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251021.014559.001.1.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251021.014559.001.2.etl

100.00%

Output
----------------
DumpFile: C:\Users\rupes\AppData\Local\Temp\WindowsUpdateLog\wuetl.XML.tmp.ce894417-7a3d-4e0f-bedb-6fa7bd14ddb4.00003
Warning:
Some events do not match the schema.
Please rerun the command with -lr to get less restricted XML dump
The command completed successfully.

==================================================


================ Results from WULog_4 ================

Input
----------------
File(s):
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251021.133418.343.1.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251021.134920.964.1.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251021.151259.807.1.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251021.161604.861.1.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251021.161604.861.2.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251021.161604.861.3.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251021.161604.861.4.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251021.161604.861.5.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251021.161604.861.6.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251021.161604.861.7.etl

100.00%

Output
----------------
DumpFile: C:\Users\rupes\AppData\Local\Temp\WindowsUpdateLog\wuetl.XML.tmp.ce894417-7a3d-4e0f-bedb-6fa7bd14ddb4.00004
Warning:
Some events do not match the schema.
Please rerun the command with -lr to get less restricted XML dump
The command completed successfully.

==================================================


================ Results from WULog_5 ================

Input
----------------
File(s):
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251021.220758.658.1.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251021.220758.658.2.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251022.002540.990.1.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251022.031417.095.1.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251022.040349.610.1.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251022.044406.542.1.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251022.044406.542.2.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251022.115112.874.1.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251022.131301.691.1.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251022.165143.453.1.etl

100.00%

Output
----------------
DumpFile: C:\Users\rupes\AppData\Local\Temp\WindowsUpdateLog\wuetl.XML.tmp.ce894417-7a3d-4e0f-bedb-6fa7bd14ddb4.00005
Warning:
Some events do not match the schema.
Please rerun the command with -lr to get less restricted XML dump
The command completed successfully.

==================================================


================ Results from WULog_6 ================

Input
----------------
File(s):
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251022.165143.453.2.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251022.181043.475.1.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251022.192023.122.1.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251022.202435.988.1.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251022.204612.211.1.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251022.204612.211.2.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251022.213729.853.1.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251022.213729.853.2.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251022.213729.853.3.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251022.220423.783.1.etl

100.00%

Output
----------------
DumpFile: C:\Users\rupes\AppData\Local\Temp\WindowsUpdateLog\wuetl.XML.tmp.ce894417-7a3d-4e0f-bedb-6fa7bd14ddb4.00006
Warning:
Some events do not match the schema.
Please rerun the command with -lr to get less restricted XML dump
The command completed successfully.

==================================================


================ Results from WULog_7 ================

Input
----------------
File(s):
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251022.220423.783.2.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251022.220423.783.3.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251022.220423.783.4.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251022.220423.783.5.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251022.220423.783.6.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251022.224435.789.1.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251022.233937.340.1.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251023.000458.219.1.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251023.004335.399.1.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251023.004655.463.1.etl

100.00%

Output
----------------
DumpFile: C:\Users\rupes\AppData\Local\Temp\WindowsUpdateLog\wuetl.XML.tmp.ce894417-7a3d-4e0f-bedb-6fa7bd14ddb4.00007
Warning:
Some events do not match the schema.
Please rerun the command with -lr to get less restricted XML dump
The command completed successfully.

==================================================


================ Results from WULog_8 ================

Input
----------------
File(s):
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251023.004655.463.2.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251023.004655.463.3.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251023.004655.463.4.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251023.004655.463.5.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251023.004655.463.6.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251023.004655.463.7.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251023.171707.861.1.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251023.171707.861.2.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251023.184725.217.1.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251023.190026.376.1.etl

100.00%

Output
----------------
DumpFile: C:\Users\rupes\AppData\Local\Temp\WindowsUpdateLog\wuetl.XML.tmp.ce894417-7a3d-4e0f-bedb-6fa7bd14ddb4.00008
Warning:
Some events do not match the schema.
Please rerun the command with -lr to get less restricted XML dump
The command completed successfully.

==================================================


================ Results from WULog_9 ================

Input
----------------
File(s):
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251023.191159.084.1.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251023.191159.084.2.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251023.193931.986.1.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251023.194140.865.1.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251023.204130.520.1.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251023.204333.638.1.etl
C:\WINDOWS\logs\WindowsUpdate\WindowsUpdate.20251023.211813.669.1.etl

100.00%

Output
----------------
DumpFile: C:\Users\rupes\AppData\Local\Temp\WindowsUpdateLog\wuetl.XML.tmp.ce894417-7a3d-4e0f-bedb-6fa7bd14ddb4.00009
Warning:
Some events do not match the schema.
Please rerun the command with -lr to get less restricted XML dump
The command completed successfully.

==================================================


WindowsUpdate.log written to C:\Users\rupes\Desktop\WindowsUpdate.log

PS C:\WINDOWS\system32>

Packages_full.txt not created
 

Attachments

Thanks — the WindowsUpdate.log and CBS excerpt are done. The Packages_full.txt wasn’t created because you ran the CMD-style redirection inside PowerShell (PowerShell treats "%USERPROFILE%" differently). No problem — please run the two small PowerShell commands below (exact copy/paste) to create the remaining tiny files I need, then attach them.
Run these in an elevated PowerShell (Administrator):
1) Capture DISM package list (creates Packages_full.txt)
dism /Online /Get-Packages | Out-File -FilePath "$env:USERPROFILE\Desktop\Packages_full.txt" -Encoding ascii
2) Capture the last part of the DISM log (creates dism_tail.txt)
Get-Content "$env:windir\Logs\DISM\dism.log" -Tail 300 | Out-File -FilePath "$env:USERPROFILE\Desktop\dism_tail.txt" -Encoding ascii
(If you prefer cmd.exe for the first command, run this instead in an elevated Command Prompt:
dism /Online /Get-Packages > "%USERPROFILE%\Desktop\Packages_full.txt")
Optional (only if you want the focused DISM error excerpt again)
Select-String -Path "$env:windir\Logs\DISM\dism.log" -Pattern '0x800f0991','Error','HRESULT','Failed' -CaseSensitive:$false -Context 3,8 | Out-File "$env:USERPROFILE\Desktop\dism_err_excerpt.txt"
When those files are on your Desktop, attach these four:
  • Packages_full.txt
  • dism_tail.txt
  • dism_err_excerpt.txt (if you ran the optional command)
  • You already attached WindowsUpdate.log and CBS_excerpt.txt (so no need to resend them unless you want me to parse an updated copy).
Keep Kaspersky paused while you generate/attach the files. I’ll parse the attached files as soon as you upload them and give the single next command to make KB5070773 succeed.
 

Thanks — exiting Kaspersky completely is fine for now (it’s what I recommended as a last resort if pausing didn’t work). That removes a likely blocker while we finish the install diagnostics. Please re‑enable Kaspersky after we finish.
I still need the two small files I asked for so I can read the exact DISM failure lines and give the single next command. Run these two commands in an elevated PowerShell (exact copy/paste) — they will create two small .txt files on your Desktop:
1) Save the full package list to Desktop
dism /Online /Get-Packages | Out-File -FilePath "$env:USERPROFILE\Desktop\Packages_full.txt" -Encoding ascii
2) Save the last 300 lines of the DISM log to Desktop
Get-Content "$env:windir\Logs\DISM\dism.log" -Tail 300 | Out-File -FilePath "$env:USERPROFILE\Desktop\dism_tail.txt" -Encoding ascii
(If you prefer CMD for the first one, run in an elevated Command Prompt:
dism /Online /Get-Packages > "%USERPROFILE%\Desktop\Packages_full.txt")
When those two files are on your Desktop, attach them here. I’ll parse them immediately and give the single precise remediation (for example: apply a specific SSU/CAB, run DISM with a local source, or proceed to the in‑place repair). This is the fastest next step because we already confirmed the prerequisite (KB5043080) installed but KB5070773 still fails to commit.
I’ll wait for the attachments and will parse them as soon as they arrive.
 

Thanks — got your message and the files, but I can’t open the uploaded excerpt from here. Could you paste the small dism_err_excerpt.txt contents into the reply (it should be short)? That will let me read the exact failure lines and give the single next command.
If it’s easier, run these two short commands (copy/paste in an elevated PowerShell) and paste both outputs here:
1) Show the DISM error excerpt (small):
Select-String -Path "$env:windir\Logs\DISM\dism.log" -Pattern '0x800f0991','Error','HRESULT','Failed' -CaseSensitive:$false -Context 3,8
2) Show whether the two packages are recorded:
dism /Online /Get-Packages | findstr /I "KB5043080 KB5070773"
Also paste the first ~20 lines from the dism_err_excerpt output if that select-string returns a lot — I only need the error block around the 0x800f0991 message.
When I have that text I’ll give the single exact next action (likely: install a specific SSU or apply the KB’s .cab directly, or run DISM with a local source).
 

Thanks — I can’t read the attached files here (they arrived in a binary/archive form I can’t open). To move this to a single, exact fix I need the small text excerpt from DISM plus the package list.
Please copy‑paste the outputs of these two commands (run in an elevated prompt) into the reply exactly as shown:
1) DISM error excerpt (small):
Select-String -Path "$env:windir\Logs\DISM\dism.log" -Pattern '0x800f0991','Error','HRESULT','Failed' -CaseSensitive:$false -Context 3,8
2) Package list filtered:
dism /Online /Get-Packages | findstr /I "KB5043080 KB5070773"
If the first command returns a lot of lines, paste only the block(s) that include 0x800f0991 and ~5 lines above and below each hit.
Also keep Kaspersky paused while you gather this. Once you paste those two outputs I’ll read the exact failure lines and give the one, single command you should run next.
 

PS C:\WINDOWS\system32> dism /Online /Get-Packages | findstr /I "KB5043080 KB5070773"
PS C:\WINDOWS\system32>

First ~20 lines of dism_err_exerpt.txt:

C:\WINDOWS\Logs\DISM\dism.log:8:2025-09-12 05:44:59, Info DISM Initialized Panther logging at
C:\WINDOWS\Logs\DISM\dism.log
C:\WINDOWS\Logs\DISM\dism.log:9:2025-09-12 05:44:59, Info DISM API: PID=20764 TID=20780
Initialized GlobalConfig - DismInitializeInternal
C:\WINDOWS\Logs\DISM\dism.log:10:2025-09-12 05:44:59, Info DISM API: PID=20764 TID=20780
Initialized SessionTable - DismInitializeInternal
> C:\WINDOWS\Logs\DISM\dism.log:11:2025-09-12 05:44:59, Info DISM API: PID=20764 TID=20780 Lookup
in table by path failed for: DummyPath-2BA51B78-C7F7-4910-B99D-BB7345357CDC - CTransactionalImageTable::LookupImagePath
C:\WINDOWS\Logs\DISM\dism.log:12:2025-09-12 05:44:59, Info DISM API: PID=20764 TID=20780 Waiting
for m_pInternalThread to start - CCommandThread::Start
C:\WINDOWS\Logs\DISM\dism.log:13:2025-09-12 05:44:59, Info DISM API: PID=20764 TID=2708 Enter
CCommandThread::CommandThreadProcedureStub - CCommandThread::CommandThreadProcedureStub
C:\WINDOWS\Logs\DISM\dism.log:14:2025-09-12 05:44:59, Info DISM API: PID=20764 TID=2708 Enter
CCommandThread::ExecuteLoop - CCommandThread::ExecuteLoop
C:\WINDOWS\Logs\DISM\dism.log:15:2025-09-12 05:44:59, Info DISM API: PID=20764 TID=20780
CommandThread StartupEvent signaled - CCommandThread::WaitForStartup
C:\WINDOWS\Logs\DISM\dism.log:16:2025-09-12 05:44:59, Info DISM API: PID=20764 TID=20780
m_pInternalThread started - CCommandThread::Start
C:\WINDOWS\Logs\DISM\dism.log:17:2025-09-12 05:44:59, Info DISM API: PID=20764 TID=20780 Created
g_internalDismSession - DismInitializeInternal
C:\WINDOWS\Logs\DISM\dism.log:18:2025-09-12 05:44:59, Info DISM API: PID=20764 TID=20780 Input
parameters: ImagePath: DISM_{53BFAE52-B167-4E2F-A258-0A37B57FF845}, WindowsDirectory: (null), SystemDrive: (null) -
DismOpenSessionInternal
 

Thanks — the dism /Get-Packages filtered blank (so neither KB showed in that filter) and the excerpt you pasted only shows the DISM init lines. I still need the DISM error block around the KB5070773 attempt plus the full package list so I can tell you the single next fix.
Please run these exact commands (one at a time) from an elevated PowerShell and paste the outputs here (or attach the two small text files they create from your Desktop). Keep Kaspersky paused while you do this.
1) Produce a focused DISM error excerpt showing KB5070773 / commit errors:
Select-String -Path "$env:windir\Logs\DISM\dism.log" -Pattern 'KB5070773','kb5070773','0x800f0991','0x80070228','0x8007007b','Error','Failed' -CaseSensitive:$false -Context 5,10 | Out-File "$env:USERPROFILE\Desktop\dism_err_excerpt.txt" ; Get-Content "$env:USERPROFILE\Desktop\dism_err_excerpt.txt" -Raw
2) Save the last 800 lines of the DISM log (for context) and paste/attach:
Get-Content "$env:windir\Logs\DISM\dism.log" -Tail 800 | Out-File -FilePath "$env:USERPROFILE\Desktop\dism_tail800.txt" -Encoding ascii
3) Save the full package list (smallish text file) so I can see what’s recorded:
dism /Online /Get-Packages | Out-File -FilePath "$env:USERPROFILE\Desktop\Packages_full.txt" -Encoding ascii
After those run, either attach the three Desktop files (dism_err_excerpt.txt, dism_tail800.txt, Packages_full.txt) or paste the contents of dism_err_excerpt.txt and the first ~40 lines of Packages_full.txt here.
If you’d rather skip the logs and try a quick workaround now: extract the KB5070773 MSU and install the contained .cab (this often succeeds). Say “Try CAB” and I’ll give the exact commands to expand and apply it.
Once you post the excerpt/package list I’ll read the exact failure lines and tell you the single command to run next.
 

Do I run these two commands in Command Prompt or Powershell?

Select-String -Path "$env:windir\Logs\DISM\dism.log" -Pattern '0x800f0991','Error','HRESULT','Failed' -CaseSensitive:$false -Context 3,8
dism /Online /Get-Packages | findstr /I "KB5043080 KB5070773"
 

Use PowerShell (elevated).
Why: Select-String is a PowerShell cmdlet and the $env:windir variable expansion works there. You can run the DISM/findstr line in either, but doing both in PowerShell keeps everything consistent.
Exact copy/paste commands (run PowerShell As Administrator)
1) Produce the focused DISM excerpt and print it to the console:
Select-String -Path "$env:windir\Logs\DISM\dism.log" -Pattern '0x800f0991','Error','HRESULT','Failed' -CaseSensitive:$false -Context 3,8
2) Show whether the two packages are recorded:
dism /Online /Get-Packages | findstr /I "KB5043080 KB5070773"
If you prefer to save files instead (recommended so you can attach them), run these in elevated PowerShell:
Select-String -Path "$env:windir\Logs\DISM\dism.log" -Pattern '0x800f0991','Error','HRESULT','Failed' -CaseSensitive:$false -Context 3,8 | Out-File "$env:USERPROFILE\Desktop\dism_err_excerpt.txt" -Encoding ascii
dism /Online /Get-Packages | Out-File "$env:USERPROFILE\Desktop\Packages_full.txt" -Encoding ascii
Notes
  • Make sure the PowerShell window is "Run as Administrator".
  • Keep Kaspersky paused while you capture or install.
  • After running, either paste the console output here or attach the two files (dism_err_excerpt.txt and Packages_full.txt) from your Desktop and I’ll parse them and give the single next command.
If you’d rather use Command Prompt instead:
  • The second line works the same in cmd:
    dism /Online /Get-Packages | findstr /I "KB5043080 KB5070773"
  • But the Select-String command is PowerShell-only — use the saved-file alternatives above if you must run CMD.
Want me to wait while you run those and attach the files?
 

Thanks — that’s helpful. Summary of what I have so far:
  • Your package check returned nothing for KB5043080 / KB5070773 (they’re not recorded).
  • KB5043080 was successfully expanded/installed earlier from C:\Scratch (that step completed).
  • KB5070773 still fails during DISM /Add‑Package with 0x800f0991 (commit/LCU apply failure). That pattern commonly needs installing the package’s contained CAB directly or doing an in‑place repair if CAB install also fails.
Recommended next step — install the CAB direct (one copy/paste block)
This bypasses the MSU expand/commit path that’s failing. Run these commands in an elevated PowerShell (Run as Administrator). Pause Kaspersky and turn Controlled Folder Access OFF first.
1) Prepare a clean working folder and give it full rights:
mkdir C:\Scratch
icacls C:\Scratch /grant Administrators:F /T /C
2) Copy the KB5070773 .msu into C:\Scratch (you said you already did; if not, do it now) and unblock it:
Copy-Item "C:\Downloads\windows11.0-kb5070773-.msu" -Destination C:\Scratch\
Unblock-File -Path "C:\Scratch\windows11.0-kb5070773-.msu"
3) Expand the MSU to get the .cab(s):
mkdir C:\Scratch\KB5070773_extracted
expand -F: "C:\Scratch\windows11.0-kb5070773-.msu" C:\Scratch\KB5070773_extracted
4) Find the .cab file name (you’ll see it in the folder). Then install the CAB with DISM:

Replace <name>.cab with the actual filename you see​

DISM /Online /Add-Package /PackagePath:"C:\Scratch\KB5070773_extracted\<name>.cab"
5) If the DISM /Add‑Package succeeds, reboot:
Restart-Computer
After reboot verify:
dism /Online /Get-Packages | findstr /I "KB5070773"
Why this is the best next try
  • Installing the CAB skips the MSU expand/commit layer that currently fails (0x800f0991). The CAB route often succeeds in exactly this scenario.
If the CAB install fails — capture these tiny diagnostics and attach them
If DISM still fails, run these (elevated) — they create small files on your Desktop to attach here:
Select-String -Path "$env:windir\Logs\DISM\dism.log" -Pattern '0x800f0991','Error','HRESULT','Failed' -Context 3,8 | Out-File "$env:USERPROFILE\Desktop\dism_err_excerpt.txt" -Encoding ascii
dism /Online /Get-Packages | Out-File "$env:USERPROFILE\Desktop\Packages_full.txt" -Encoding ascii
Select-String -Path "$env:windir\Logs\CBS\CBS.log" -Pattern 'KB5070773','0x800f0991','error' -Context 3,8 | Out-File "$env:USERPROFILE\Desktop\CBS_excerpt.txt" -Encoding ascii
Get-WindowsUpdateLog -LogPath "$env:USERPROFILE\Desktop\WindowsUpdate.log"
Attach the three small text files (dism_err_excerpt.txt, Packages_full.txt, CBS_excerpt.txt) and I’ll parse them and give the single exact remedial command (or confirm we should move to an in‑place repair). The targeted‑log approach is the fastest way to a single correct fix.
If you’d rather skip straight to the surefire fix
If the CAB route fails (or you want to avoid more manual servicing attempts), the reliable fallback is an in‑place repair/upgrade using a matching Windows 11 ISO (keeps files and apps). I’ll walk you through that step‑by‑step if needed — say “In‑place repair” and I’ll provide the exact safe steps.
Which do you want to try now?
  • “Try CAB” — I’ll wait while you expand the MSU and run DISM (paste any errors).
  • “Collect logs” — run the three small log-collection commands above and attach the files. I’ll parse them and give the single next command.
  • “In‑place repair” — I’ll give the exact ISO/Setup steps to repair your installation.
I’ll stand by and help the moment you pick one.
 

C:\Scratch\KB5070773_extracted is empty as a result of:

PS C:\WINDOWS\system32> icacls C:\Scratch /grant Administrators:F /T /C
processed file: C:\Scratch
Successfully processed 1 files; Failed processing 0 files
PS C:\WINDOWS\system32> Copy-Item "C:\Downloads\windows11.0-kb5070773-.msu" -Destination C:\Scratch\
PS C:\WINDOWS\system32> Unblock-File -Path "C:\Scratch\windows11.0-kb5070773-.msu"
PS C:\WINDOWS\system32> mkdir C:\Scratch\KB5070773_extracted


Directory: C:\Scratch


Mode LastWriteTime Length Name
---- ------------- ------ ----
d----- 23/10/2025 22:35 KB5070773_extracted


PS C:\WINDOWS\system32> expand -F: "C:\Scratch\windows11.0-kb5070773-.msu" C:\Scratch\KB5070773_extracted
Microsoft (R) File Expansion Utility
Copyright (c) Microsoft Corporation. All rights reserved.

Unrecognized switch -F.
PS C:\WINDOWS\system32>
 

Thanks — that explains why the extraction folder was empty. The expand command you ran used the wrong syntax (you used -F: without the required *), and the .msu filename you copied into the command looks incomplete (windows11.0-kb5070773-.msu). Do the steps below (exact copy/paste). I’ll wait for the output and then tell you the single next command (DISM on the .cab).
Step A — confirm the exact MSU filename in C:\Scratch
Run in an elevated PowerShell:
Get-ChildItem -Path C:\Scratch | Format-Table Name,Length -AutoSize
Look at the exact MSU filename shown (it will include the long hash). Copy that full filename for Step B.
Step B — expand the MSU correctly (use the full filename you found)
Run this exact command in an elevated PowerShell (replace <exact-msu-filename.msu> with the file name from Step A — include the extension and full name):

run expand from cmd.exe to avoid any PowerShell parsing issues​

cmd.exe /c "expand -F:* \"C:\Scratch\<exact-msu-filename.msu>\" C:\Scratch\KB5070773_extracted"
Notes:
  • The correct switch is -F:* (star required).
  • Quoting the path protects spaces or special characters.
  • Running expand via cmd.exe avoids PowerShell interpreting switches differently.
Step C — verify the extraction and find the .cab
If expand succeeds, list the extracted files:
Get-ChildItem -Path C:\Scratch\KB5070773_extracted -Recurse | Format-Table FullName,Length -AutoSize
You should see at least one .cab file (and sometimes .mum/.manifest/.cat files). Note the .cab filename.
Step D — install the CAB with DISM
Run (replace <cabname>.cab with the actual filename):
DISM /Online /Add-Package /PackagePath:"C:\Scratch\KB5070773_extracted\<cabname>.cab"
If that completes successfully, reboot:
Restart-Computer
After reboot verify:
dism /Online /Get-Packages | findstr /I "KB5070773"
(or) Get-HotFix | Where-Object { $_.HotFixID -eq 'KB5070773' }
If expand fails again
  • Paste the exact error shown by the expand command here.
  • Alternative extraction (if expand not present or fails): if you have 7‑Zip installed run (PowerShell):
    & "C:\Program Files\7-Zip\7z.exe" x "C:\Scratch\<exact-msu-filename.msu>" -o"C:\Scratch\KB5070773_extracted"
    (Only use this if 7‑Zip is installed.
If the CAB install fails with an error — collect these small files and attach them and I’ll read them:
  • Powershell (Admin):
    Select-String -Path "$env:windir\Logs\DISM\dism.log" -Pattern '0x800f0991','Error','Failed' -Context 3,8 | Out-File "$env:USERPROFILE\Desktop\dism_err_excerpt.txt" -Encoding ascii
    dism /Online /Get-Packages | Out-File "$env:USERPROFILE\Desktop\Packages_full.txt" -Encoding ascii
    Select-String -Path "$env:windir\Logs\CBS\CBS.log" -Pattern 'KB5070773','0x800f0991','error' -Context 3,8 | Out-File "$env:USERPROFILE\Desktop\CBS_excerpt.txt" -Encoding ascii
What I’ll do next
  • If you run the expand→find .cab→DISM commands above, paste the results (or attach the Desktop files) and I’ll give the single next action.
  • If you prefer, say “Try CAB now” and I’ll assume you want to run the extraction/installation and I’ll wait for your final error/output.
I’ll stand by — paste the output of Get-ChildItem C:\Scratch (Step A) when ready.
 

Filename in Scratch:

windows11.0-kb5070773-.msu
 

You must log in or register to reply here.
Back
Top