I just finished commenting this out. I don't have a clue how, but according to Hdx, reading my IDB file's comments helped him learn somewhat, so maybe I'll help someone else out a bit? Dunno.
.text:00401250 ; ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦ S U B R O U T I N E ¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦
.text:00401250
.text:00401250 ; This function doesn't appear to have any arguments
.text:00401250 ; Attributes: bp-based frame
.text:00401250
.text:00401250 ; int __cdecl GetVersionHash()
.text:00401250 GetVersionHash proc near ; CODE XREF: CheckRevision+98�p
.text:00401250
.text:00401250 sBuffer = dword ptr -218h
.text:00401250 dwHandle = dword ptr -214h
.text:00401250 len = dword ptr -210h
.text:00401250 sFilename = byte ptr -20Ch
.text:00401250 checksum = dword ptr -4
.text:00401250
.text:00401250 push ebp
.text:00401251 mov ebp, esp
.text:00401253 sub esp, 218h
.text:00401259 mov eax, dword_404000
.text:0040125E xor eax, ebp
.text:00401260 mov [ebp+checksum], eax
.text:00401263 and [ebp+sBuffer], 0
.text:0040126A and [ebp+len], 0
.text:00401271 push esi
.text:00401272 push edi
.text:00401273 push 260 ; nSize
.text:00401278 lea eax, [ebp+sFilename]
.text:0040127E push eax ; lpFilename
.text:0040127F push 0 ; hModule
.text:00401281 call ds:GetModuleFileNameW ; C++: eax = GetModuleFileNameW(0, sFilename, 260);
.text:00401281 ;
.text:00401281 ; This gets the ModuleFileName of the current process, since hModule is null
.text:00401287 test eax, eax
.text:00401289 jz short loc_4012FB
.text:0040128B lea eax, [ebp+dwHandle]
.text:00401291 push eax ; lpdwHandle
.text:00401292 lea eax, [ebp+sFilename]
.text:00401298 push eax ; lptstrFilename
.text:00401299 call GetFileVersionInfoSizeW ; C++: infoSize = GetFileVersionInfoSizeW(sFilename, dwHandle)
.text:0040129E mov edi, eax
.text:004012A0 push edi ; dwBytes
.text:004012A1 call HeapAllocWrapper ; C++: eax = HeapAllocWrapper(infoSize)
.text:004012A6 mov esi, eax ; esi points to our new heap
.text:004012A8 test esi, esi
.text:004012AA pop ecx
.text:004012AB jz short lblTryAnsi ; Theres no checking on GetFileVersionInfoSizeA, so it could
.text:004012AB ; be either function that failed, but it was probably GetFileVersionInfoA
.text:004012AD push esi ; lpData
.text:004012AE push edi ; dwLen
.text:004012AF push [ebp+dwHandle] ; dwHandle
.text:004012B5 lea eax, [ebp+sFilename]
.text:004012BB push eax ; lptstrFilename
.text:004012BC call GetFileVersionInfoW ; C++: (bool)eax = GetFileVersionInfoW(sFilename, dwHandle, edi, esi)
.text:004012BC ;
.text:004012BC ; EDI points to the info size
.text:004012BC ; ESI points to the heap
.text:004012C1 test eax, eax
.text:004012C3 jz short lblTryAnsi
.text:004012C5 lea eax, [ebp+len]
.text:004012CB push eax ; puLen
.text:004012CC lea eax, [ebp+sBuffer]
.text:004012D2 push eax ; lplpBuffer
.text:004012D3 push offset SubBlockW ; lpSubBlock
.text:004012D8 push esi ; pBlock
.text:004012D9 call VerQueryValueW ; VerQueryValueW(esi, SubBlock, sBuffer, len)
.text:004012D9 ;
.text:004012D9 ; ESI points to the heap
.text:004012D9 ; SubBlockW is a WCHAR, "\"
.text:004012DE test eax, eax
.text:004012E0 jz short lblTryAnsi
.text:004012E2 mov eax, [ebp+sBuffer]
.text:004012E8 test eax, eax
.text:004012EA jz short lblTryAnsi
.text:004012EC cmp [ebp+len], 34h
.text:004012F3 jnb lblFinish
.text:004012F9 jmp short lblTryAnsi
.text:004012FB ; ---------------------------------------------------------------------------
.text:004012FB
.text:004012FB loc_4012FB: ; CODE XREF: GetVersionHash+39�j
.text:004012FB mov esi, [ebp+dwHandle]
.text:00401301
.text:00401301 lblTryAnsi: ; CODE XREF: GetVersionHash+5B�j
.text:00401301 ; GetVersionHash+73�j ...
.text:00401301 push 520 ; nSize
.text:00401306 lea eax, [ebp+sFilename]
.text:0040130C push eax ; lpFilename
.text:0040130D push 0 ; hModule
.text:0040130F call ds:GetModuleFileNameA ; C++: eax = GetModuleFileNameA(0, sFilename, 520);
.text:00401315 test eax, eax
.text:00401317 jz lblFail
.text:0040131D lea eax, [ebp+dwHandle]
.text:00401323 push eax ; lpdwHandle
.text:00401324 lea eax, [ebp+sFilename]
.text:0040132A push eax ; lptstrFilename
.text:0040132B call GetFileVersionInfoSizeA ; C++: infoSize = GetFileVersionInfoSizeA(sFilename, dwHandle)
.text:00401330 mov edi, eax
.text:00401332 push edi ; dwBytes
.text:00401333 call HeapAllocWrapper ; C++: eax = HeapAllocWrapper(infoSize)
.text:00401338 mov esi, eax
.text:0040133A test esi, esi
.text:0040133C pop ecx
.text:0040133D jz short lblFail ; Theres no checking on GetFileVersionInfoSizeA, so it could
.text:0040133D ; be either function that failed, but it was probably GetFileVersionInfoA
.text:0040133F push esi ; lpData
.text:00401340 push edi ; dwLen
.text:00401341 push [ebp+dwHandle] ; dwHandle
.text:00401347 lea eax, [ebp+sFilename]
.text:0040134D push eax ; lptstrFilename
.text:0040134E call GetFileVersionInfoA ; C++: (bool)eax = GetFileVersionInfoA(sFilename, dwHandle, edi, esi)
.text:0040134E ;
.text:0040134E ; EDI points to the info size
.text:0040134E ; ESI points to the heap
.text:00401353 test eax, eax
.text:00401355 jz short lblFail
.text:00401357 lea eax, [ebp+len]
.text:0040135D push eax ; puLen
.text:0040135E lea eax, [ebp+sBuffer]
.text:00401364 push eax ; lplpBuffer
.text:00401365 push offset SubBlockA ; "\\"
.text:0040136A push esi ; pBlock
.text:0040136B call VerQueryValueA ; VerQueryValueW(esi, SubBlock, sBuffer, len)
.text:0040136B ;
.text:0040136B ; ESI points to the heap
.text:0040136B ; SubBlockA is a CHAR, "\"
.text:00401370 test eax, eax
.text:00401372 jz short lblFail
.text:00401374 mov eax, [ebp+sBuffer]
.text:0040137A test eax, eax
.text:0040137C jz short lblFail
.text:0040137E cmp [ebp+len], 34h ; Check if the length of
.text:0040137E ; lpBuffer is less than 52
.text:00401385 jb short lblFail
.text:00401387
.text:00401387 lblFinish: ; CODE XREF: GetVersionHash+A3�j
.text:00401387 movzx edx, byte ptr [eax+16h]
.text:0040138B xor ecx, ecx
.text:0040138D mov ch, [eax+12h]
.text:00401390 push esi ; lpMem, memory to be freed by HeapFree
.text:00401391 mov cl, [eax+10h]
.text:00401394 movzx eax, byte ptr [eax+14h]
.text:00401398 shl ecx, 8
.text:0040139B or ecx, edx
.text:0040139D shl ecx, 8
.text:004013A0 or ecx, eax
.text:004013A2 mov edi, ecx
.text:004013A4 call HeapFreeWrapper
.text:004013A9 mov eax, edi
.text:004013AB jmp short lblExit
.text:004013AD ; ---------------------------------------------------------------------------
.text:004013AD
.text:004013AD lblFail: ; CODE XREF: GetVersionHash+C7�j
.text:004013AD ; GetVersionHash+ED�j ...
.text:004013AD push esi ; lpMem, memory to be freed by HeapFree
.text:004013AE call HeapFreeWrapper
.text:004013B3 xor eax, eax
.text:004013B5
.text:004013B5 lblExit: ; CODE XREF: GetVersionHash+15B�j
.text:004013B5 pop ecx
.text:004013B6 mov ecx, [ebp+checksum]
.text:004013B9 pop edi
.text:004013BA xor ecx, ebp
.text:004013BC pop esi
.text:004013BD call TextEcxAgainst404000
.text:004013C2 leave
.text:004013C3 retn
.text:004013C3 GetVersionHash endp
EDIT -
I attached both my IDB file and the original DLL. They've both got a ".txt" added to the end, so take that into account if you try to use them.
