0XC0000041

STATUS_PORT_CONNECTION_REFUSED (0XC0000041) fix

Network & Connectivity Intermediate 👁 0 views 📅 Jun 10, 2026

That LPC port error means something's blocking the connection between processes. Here's exactly how to find and fix it.

Let's cut through the noise

Yeah, 0XC0000041 is frustrating. It usually pops up when an app tries to talk to another process (like a service) over a Local Procedure Call (LPC) port and gets flat-out denied. I've seen it most often in enterprise environments with custom apps, SQL Server agents, or backup tools suddenly failing. Don't waste time rebooting or reinstalling — the culprit here is almost always a security filter or a corrupted LPC port registration.

The single fix that works 90% of the time

Here's the thing: LPC ports are managed by the Windows kernel and are heavily guarded by the Windows Filtering Platform (WFP). When a rule blocks the NtConnectPort call, you get 0XC0000041. The fastest path is checking AppLocker and the registry.

  1. Open an Admin Command Prompt — Win+X, then 'Terminal (Admin)' or 'Command Prompt (Admin)'.
  2. Run this command to check WFP filters:
    netsh wfp show filter

    Look for anything blocking port 0 (LPC uses port 0) or a specific port range. If you see a filter with action 'Block' and a remotePort of 0, that's your problem. Remove it with:
    netsh wfp delete filter FILTER_ID

    Get the filter ID from the output.
  3. Check AppLocker rules — Run secpol.msc -> Application Control Policies -> AppLocker -> AppLocker Rules. Look for any rule blocking the executable that's throwing the error. Disable it temporarily to test.
  4. Registry fix — If the above doesn't work, go to:
    HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters

    Check the OptionalOps value. If it's set to 0, change it to 1. This allows LPC connections from non-admin processes. Restart the Workstation service afterwards: net stop LanmanWorkstation && net start LanmanWorkstation

Test the app. If it works now, you're done. Don't forget to re-enable any AppLocker rules you disabled — just make an exception for the specific executable.

Why this works

LPC ports are kernel objects used by Windows for inter-process communication. When an app calls NtConnectPort, the kernel first checks WFP filters (firewall rules at the system level), then AppLocker policies, then the registry for permission flags. Any of these can reject the request with 0XC0000041. The netsh command dumps those filters so you can see what's blocking. The registry key OptionalOps controls whether LPC connections require admin rights — some older apps don't handle that well. Setting it to 1 relaxes that check.

Less common variations of the same error

Sometimes the error isn't from AppLocker or WFP. Here are a few other triggers I've seen:

  • Corrupted Service Dependency — If a dependent service (like RPC Endpoint Mapper) is stopped or crashed, LPC connections to that service fail. Run sc query RpcSs to check its state. Restart it if needed.
  • Third-party security software — Symantec Endpoint Protection, McAfee, and CrowdStrike have all been known to hook into LPC and block connections. Temporarily disable the security software to test. If it fixes it, add an exception for your app in that software's policy.
  • Windows Defender Application Guard (WDAG) — If the app is running inside a container, it can't use LPC to talk to the host. Move the app outside the container or use a different communication method (like named pipes).
  • User Account Control (UAC) virtualization — When an app runs with lower integrity than the target service, LPC can be denied. Run the app as administrator (right-click -> Run as administrator) to see if it clears up.

How to prevent this from coming back

Once you've fixed it, do these three things:

  1. Document the exception — Add the executable path to your AppLocker or security software's allow list permanently. Don't just disable rules globally.
  2. Monitor WFP changes — Use netsh wfp show state periodically to spot new blocking filters. Set up a scheduled task that logs this weekly.
  3. Keep service accounts consistent — LPC errors often spike after a service account password change. Make sure all services that talk to each other use accounts with matching privileges (e.g., LocalSystem, NetworkService).

That's it. No voodoo. Just a systematic check of the three places Windows guards LPC ports.

Was this solution helpful?

STATUS_PORT_CONNECTION_REFUSED 0XC0000041 NtConnectPort LPC port blocked Windows LPC error process communication failure registry fix port connection anti-virus blocking LPC AppLocker port error Windows Filtering Platform firewall blocked LPC service dependency issue