VersionInfo and utf-16le vs utf-16be

[arty-hlr]

Hello,

While working on those LOL drivers, I noticed a few things:

• several documentation files state that the VersionInfo strings come from the PE header, that is incorrect, as they come from a string table in the resources section
• the yara-generator.py uses utf-16be instead of utf-16le to generate the hex encoded strings. This works because there usually is a zero byte before the string from the previous one, but should be fixed
• a few rules only contain a FileVersion or ProductVersion from that string table. These might be too broad and could result in FPs

I can submit a PR for the first two points if desired, for the third point I guess it's up to you, but at least a sentence about it would be helpful.