WatchGuard System Manager provides an executable file to unlock attachments locked by DLP or Gateway AntiVirus. When DLP locks a file, the locked file remains attached to the email message, but the file has an appended file extension of .clk. So, for example, if the original file attachment name was example.zip, the locked file attachment name is example.zip.clk. To unlock a file, you must save the attached .clk file to the computer where you have installed WatchGuard System Manager.
The executable file utility to unlock a file is located in:
For x64-based systems, the location is:
To open a locked file:
- Save the file attachment to a location on the computer where WatchGuard System Manager is installed. It may be easiest if you copy the file to the same location as the unlock.exe utility.
- Open a command prompt as an administrator. You can do this by right-clicking the command prompt shortcut in Windows.
- Type Unlock <path and filename of locked file>.
For example, if the locked file is called wgrd_deny_xxxxxxxx.clk, and it is located in the root directory (C:\), you type:
The utility saves the unlocked file to the local directory. In this example, to the C:\Program Files\WatchGuard\wsm11\bin\ directory.
To unlock all locked files in a directory to a specified directory:
- Open a command prompt as an administrator. To do this, right-click the command prompt shortcut in Windows.
- Type Unlock <path and name of directory with locked files> <path and name of destination directory>.
For example, if the locked files are in a directory called locked-files located in the root directory (C:\) and you want to unlock them to a directory called unlocked-files, you type:
unlock c:\locked-files c:\unlocked-files
The specified destination directory must already exist. The unlock.exe utility will not create a new directory
After you unlock the file, you can use the appropriate application to examine the content of the attachment.