It is possible for a malicious user to name a file so that it looks safe to open, when in fact it may be executable containing dangerous content.
For example, a file could be displayed as "readme.txt" in explorer, when it fact it is really name "readme.txt.shs" but since the ".shs" portion of the filename is hidden it is impossible to tell it apart from a simple text file.
Then once a user double-clicks to open this file, instead of seeing a text page as expected, the file will be executed by Windows as a scrap object and potentially harm the system.
To remove the potential to hide files, open your registry and using the search function find each occurance of a value named "NeverShowExt".
When this value is present the associated file extension will not be shown. To display the file extension highlight the "NeverShowExt" value and press Delete. Repeat this process for each extension you want to display.
Some common hidden extensions include:
Document Shortcut (.SHB)
Internet Shortcut (.URL)
File Shortcut (.LNK)
DOS Shortcut (.PIF)
Explorer Command (.SCF)
Shell Scrap Object (.SHS)
Restart Windows for the change to take effect.