Just for information's sake, the trick is done like this:
The VBS script or EXE file is named,
FILENAME.JPG.VBS or
FILENAME.MP3.VBS so that the poor
unwary person with extensions disabled
sees it as :
FILENAME.JPG or whatever
There's no special software that "drops"
or "changes" the extension.
The perpetrator just hopes that
the victim will have filename extensions
hidden, and will carelessly double-click the file

The whole concept of the GUI is flawed, in that,
when you double-click a text file, it executes
your editor or word processor;
if you double-click a JPG, it invokes your
picture viewer; but if you double-click an
executable, it runs the file you clicked
as a program.
This is totally inconsistent, unpredictable, and
prone to the kind of mischief we've been discussing