It is possible for a malicious user to name a file so that it looks safe to open, when in fact it may be executable containing dangerous content.
For example, a file could be displayed as "readme.txt" in explorer, when it fact it is really name "readme.txt.shs" but since the ".shs" portion of the filename is hidden it is impossible to tell it apart from a simple text file. Then once a user double-clicks to open this file, instead of seeing a text page as expected, the file will be executed by Windows as a scrap object and potentially harm the system.
To remove the potential to hide files, search through the registry for any values named "NeverShowExt", a common one is located at [HKEY_CLASSES_ROOT\ShellScrap]. To force the file extension to be shown highlight the value "NeverShowExt" and press delete. Now the full file extension should be shown and not masked.
You may need to restart or logoff Windows for the change to take effect.
Settings
Key:[HKEY_CLASSES_ROOT]
Value Name: NeverShowExt
