MHH, I was able to reproduce your issue. I had Symantec 10 client machine (also with locked LiveUpdate user interface) and it didn’t update from my local live update server (via ftp on the same Lan and no firewall, proxy, etc.) The client machine was giving the same message you were receiving that it didn’t find any updates available. I was trying Start > Run > luall.exe to update the virus definitions.
After doing the registry hack you mentioned above, I was able to click the 'LiveUpdate' button from the "Symantec AntiVirus" user interface, which like you said successfully updated the client.
I then decided to run the Process Explorer utility (free from Sysinternals.com) and noticed that running the live update via the user interface was creating two processes; VPDN_LU.exe and LUALL.EXE (properties of the later revealed the same command line you found in the logs)
It seems that luall.exe when run manually from the Start menu cannot perform the update because it is missing the product information, which is otherwise provided as command line parameters by vpdn_lu.exe
Running vpdn_lu.exe manually from the command prompt will open the same LiveUpdate window as if I click the LiveUpdate button in the Symantec AntiVirus UI and will have the correct product information needed for the update. So, vpdn_lu.exe has to be used instead of luall.exe
Now, try this and tell me Who da King ;)
Open DOS prompt and enter:
"C:\Program Files\Symantec AntiVirus\vpdn_lu.exe" /s
When running the above command, be patient, it takes a while, but when it finishes you will have an updated client. Remove the /s switch if you want the user interface.
Below are the options you can use with vpdn_lu.exe
vpdn_lu.exe /fUpdate /s
to retrieve virus definitions silently.
vpdn_lu.exe /fVirusdef /s
to retrieve product updates silently.
Hope the above solves the problems you were experiencing and gives you answer how to do silent auto update from a script.
Peter.