When you type in a Web address such as www.example.com into a browser, the application contacts a DNS (Domain Name Services) server looks up the DNS name and translates it in to a numeric IP address. When Windows does a DNS lookup it first checks a file called HOSTS which is like a mini-DNS server before it checks the regular DNS server. This file is a legacy technology from the past, but its left in the OS for backwards compatibility.
This file is a popular target of malware, which tries to use it redirect traffic from real sites to phishing sites to steal your personal information. The file is located in the following directory C:\WINDOWS\SYSTEM32\DRIVERS\ETC, and the file name is HOSTS with no file extension.
Note: Lines with pound signs (#) are comments.
# Copyright (c) 1993-2009 Microsoft Corp.
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
# For example:
# 220.127.116.11 rhino.acme.com # source server
# 18.104.22.168 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
# 127.0.0.1 localhost
# ::1 localhost