Finding Files with hidden extensions


  1. Posts : 2
    Windows 10
       #1


    I am recovering from two ransomware attacks on my Windows 10 desktop.

    I've been told that one mal-hacker tactic is to append to the filename of a doc file (as an example) an exe extension, hide that additional extension, and when the doc file is chosen a malware app is executed locking up the PC.

    I tried to find any files that have some kind of extra extension, but have been unsuccessful. I want to be reasonably sure that this sort of file manipulation doesn't exist on the recovered machines.

    I thought my best chance at a positive result was to use the command line. Any combination of * or ? queries, like dir *.???? /s or dir *.???.?* provides me with a list of all standard 3 digit extensions as well.

    Either, what am I doing wrong, or what method should I be using to get a list of only files with more than one extension in the same filename?

    BTW, I also have a Windows 7 PC on the LAN that I would like to check in the same way, in case the syntax is different between the two OSs.

    Thanks.

    Frank


  2. Posts : 14,025
    Win10 Pro and Home, Win11 Pro and Home, Win7, Linux Mint
       #2

    Don't know if it will help but a default install of Windows has file extensions hidden. Open File Explorer/Windows Explorer, find the Options and in its View tab you can Unhide the extensions. I'm from old school and always do that.
    [Attached thumbnail: screenshot-2024-01-19-095933.png]


  3. Posts : 745
    Windows 10/11
       #3

    As @Berton showed in the screenshot, just ensure that "Hide extensions for known file types" is NOT checked and then search for *.exe. You may want to limit that search to C:\Users or C:\Users\{yourusername}.

    There are no special tricks in this regard. The bad actors simply take advantage of the fact that the default setting is to hide file extensions and then create an exe with a filename such as "CuteKittens.doc.exe" which you see as "CuteKittens.doc" if extensions are hidden. Note that, in this example, ".doc" is not an extension. It's just part of the filename. The extension is the part after the LAST dot.

    The usual path for such files to be on your computer is an email attachment that you opened (but shouldn't have). Your email spam filters should generally put such messages straight into the spam folder. If that's not happening, you might want to consider changing your email service.
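To answer the original question from the command line, here is an added example that is not part of any post in this thread: a PowerShell function that lists only files whose real (last) extension is executable while the name in front of it ends in a document-style extension, the "CuteKittens.doc.exe" pattern described in post #3. The function name and both extension lists are assumptions chosen for illustration, the check goes slightly beyond the thread by also catching names padded with spaces before the final dot, and the syntax is limited to what Windows PowerShell 2.0 supports so it can be used on both Windows 7 and Windows 10.

```powershell
# Added example, not from the thread. Find-DoubleExtension is a hypothetical name;
# both extension lists are illustrative assumptions and can be extended.
function Find-DoubleExtension {
    param(
        [string]$Path = $env:USERPROFILE,
        [string[]]$ExecutableExt = @('.exe', '.scr', '.com', '.pif', '.bat', '.cmd', '.vbs', '.js'),
        [string[]]$DecoyExt = @('.doc', '.docx', '.xls', '.xlsx', '.pdf', '.txt', '.jpg', '.png', '.zip')
    )

    # -Force includes hidden and system files; unreadable folders are skipped quietly.
    Get-ChildItem -Path $Path -Recurse -Force -ErrorAction SilentlyContinue |
        Where-Object { -not $_.PSIsContainer } |
        Where-Object {
            # $_.Extension is the real extension: the part after the LAST dot.
            # Strip it, trim any padding spaces, then see what the remaining name ends with.
            $base  = [System.IO.Path]::GetFileNameWithoutExtension($_.Name).Trim()
            $inner = [System.IO.Path]::GetExtension($base)
            # -contains compares case-insensitively, so .EXE and .exe are treated alike.
            ($ExecutableExt -contains $_.Extension) -and ($DecoyExt -contains $inner)
        } |
        Select-Object FullName, Length, LastWriteTime
}

# Constructed demo: empty files with made-up names in a scratch folder,
# so the function can be tried without touching real data.
$demo = Join-Path $env:TEMP 'double-ext-demo'
New-Item -ItemType Directory -Path $demo -Force | Out-Null
'CuteKittens.doc.exe', 'invoice.pdf   .scr', 'report.v2.docx', 'setup.exe', 'notes.txt' |
    ForEach-Object { New-Item -ItemType File -Path (Join-Path $demo $_) -Force | Out-Null }

Find-DoubleExtension -Path $demo | Format-Table -AutoSize

Remove-Item -Path $demo -Recurse -Force

# Real use, limited to user profiles as post #3 suggests:
#   Find-DoubleExtension -Path C:\Users
```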


  4. Posts : 43,062
    Win 10 Pro (22H2) (2nd PC is 22H2)
       #4

    "I am recovering from two ransomware attacks on my Windows 10 desktop."

    One approach to protect yourself so you can recover quite readily is of course to use 3rd party disk imaging regularly and routinely, and keep your set of image files offline. (Image as a minimum at least all your O/S partitions and any others you care to). For non-imaged data, use some other appropriate form of backup.

    You can supplement disk imaging with additional more frequent backup by other means of fast changing critical data. Again, keep backups offline.

    Should you be affected by ransomware, you can then wipe the affected disk, and restore the most recent image, and backups as needed.

    Sadly the British Library is now paralysed, having been attacked by a Russian hacker group, and is spending millions on recovery. Sounds as if they hadn't planned ahead...
    The Disturbing Impact of the Cyberattack at the British Library | The New Yorker
    The British Library hack is a national outrage – and the Government must pay to save it | Evening Standard
    Rhysida, the new ransomware gang behind British Library cyber-attack | Cybercrime | The Guardian
    British Library starts restoring services online after hack - BBC News


 
