As garry says the official site is www.rarlab.com
Here is the first part of the Trend labs report
"A WinRAR-lose situation
June 20th, 2007 by Trend Micro
If users wanted to download WinRAR, the popular archiver tool to process RAR and ZIP files, where would they go? Chances are, they’d type in the name of the tool itself and just add .com (www.winrar.com) in their browser’s address bar. Unbeknownst to them, however, the said site is not the official site from which the legitimate tool could be downloaded–that would be www.rarlab.com, actually.
TrendLabs has just received reports on how unsuspecting users could end up downloading malware, instead of WinRAR, onto their systems. When they try to click on the “Free Software Downloads” button in www.winrar.com (as seen below), they would be led to another page where they are prompted to click on “Download Winrar”.
More of the report can be found at
http://blog.trendmicro.com/index.php?s=win...utton=SEARCH%21