Related
I have the T-Mobile ROM 1.60 currently installed on my I-Mate. Now I am trying to install the latest I-Mate update, I keep getting Country ID Error 120. Anyone know a solution? It seems we need some kind of AdaptROM...
The same for me yesterday ERROR 120, I try anyway but no results
I think that new ROM only for I- mate Device with special IMEI Number :evil:
Any ideas? :?:
I upgrade to i-mate update and I try to upgrade to T-Mobile I get the same error!!
anyone can help?
try to hard way...
unzip the ruu15283wwe_cdl.exe file,
you'll find there the *.nbf files.
Use the files to flash with SD card.
I'm not sure if this also works with the XDA II, but try XDATools:
http://www.xda-developers.com/XDAtools/
tomerbn said:
try to hard way...
unzip the ruu15283wwe_cdl.exe file,
you'll find there the *.nbf files.
Use the files to flash with SD card.
I'm not sure if this also works with the XDA II, but try XDATools:
http://www.xda-developers.com/XDAtools/
Click to expand...
Click to collapse
It seems not possible by writing just writing the nbf to SD card and flash to the XDA 2 anymore.
Because the bootloader will check the first 412 bytes (i believe it is the code on the last line of the 412 bytes, somthing like HTCSA00400000XXXXXXXX.............) of the rom on the SD card match with your machine or not. Therefore without any modification, only the ROM dump from the Machine itself can be flashed.
Moreover, nbf is encoded, you can't just edit it by HEX editor, you have to get the rom in nb1 format.
I think XDA developers have to develop new tools to
1. Get the first 412 byte of the rom from your machine in an easier way. Now we have to use Multiport / USB TTY get into bootloader console, dump the rom to SD card , and use ntrw read the SD Raw data to the computer to get this 412 byte. You need a HEX Editor to do so. (Please correct me if I said something wrong).
We can
a) develop an APP to get the 412bytes from SD to harddisk without using a HEX editor
b) directly read this 412 bytes from the XDA2 if possible.
2. A Rom tools that can add your machine's own first 412bytes (or the code) , combine it with a .nb1 or .nbf and write it to a SD card.
By the way , I think a new adoptrom support XDA2 will be the best solution 8)
note added by itsme: this will very likely break your devie!! - better look at sdtool
same problem
i'm having the same problem, installed imate update, now i cant install the t-mobile update.
nobody seems to know how to fix this
HEEEEEEEEEEEEELLLLLLLLPPPPPP
try this
Hi,
another idea... :idea:
try to unzip (using winrar i.e.) the file ruu15283wwe_cdl.exe,
and run the HimaUpgradeUt.exe
It might work!
I got error, the device is not connected, or something like that, while trying to use the original file, but with the HimaUpgradeUt it works!
Tomer
Check this out http://forum.xda-developers.com/viewtopic.php?t=4785
First it was a Phone, then it became a computer phone, now it is camera computer phone... what will be the next?
Click to expand...
Click to collapse
A camera computer phone with a stable, reliable OS? Oh well, we can dream....
I had a hard time to upgrade and modify my xda2 so I decided to make a small tutorial for everyone with the information’s I found on the forum. It’s not perfect but it could help.
Thank's to every one who made all this possible!!
Before starting I recommend every one to make a back-up of your rom
http://forum.xda-developers.com/viewtopic.php?t=4608
1- Extended Rom:
Your XDA2 has an Invisible Extended Rom in the device containing the operator’s configuration files and software.
Modifying it will allow you to customize the boot image and to choose the programs you wish to install during the setup of the device.
To show the extended rom on your device your need to apply this small hack and then open your file explorer:
http://www.ppcw.net/index.php?itemid=1638
2- Files contained in the Extend Rom:
Broadcast_WWE.sa.CAB:
Seems to only set the CellBroadcast setting to enabled or disabled. (I guess this refers to the Reception of News via SMS by selecting channels of interested. Quite expensive I think and only interesting for phones that do not have any other capabilities of receiving and displaying information).
T-Mobile NL sets it on, with O2 it's switched off.
CallerIDRC11_WWE_1.5.sa.CAB:
Installs the CallerID application from IA Style and the Photo Contacts extension. There are other programs that are able to provide this functionality but I use it.
CameraRC131_WWE_1.5.sa.CAB:
The camera application for taking pictures and recording videos. AFAIK there is currently no alternative to this one, you should leave it in your ROM.
GPRSMonitor_WWE.sa.CAB:
Includes the GPRS Monitor from SPB Soft. Very useful I would recommend it unless you aren't going to use GPRS anyway.
MIDI56.sa.CAB:
RingTone plugin player. Allow you to play back RingTones in the following formats: mid,3gp,mp4. Also seems to register the audio/midi MIME type for playback of midi files directly from Internet Explorer.
By default the XDA can play back only wav and wma audio files (AFAIK)
MMS1507_WWE.sa.CAB:
Installs the Arcsoft MMS application for composing and sending MMS messages.
VideoMMS.sa.CAB (not contained in Qtek):
Installs the "Video MMS.exe" file into the Windows folder. When you start it you are in camera mode immediately and after you have recorded a picture or video you get into MMS composition mode.
This seems to be just an easier way to compose MMS messages since the main MMS Application (see above) is already able to compose MMS messages.
OEM_AKU1_WWE_4AP.sa.CAB (named OEM_4AP_WWE.CAB in Qtek ROM)
Installs the following files: GPRSAuthentication.exe, BTSetting.exe, STK.exe and WModem.exe
I am not sure if these are customized versions or if the normal ROM doesn't contain them. Well perhaps not because these are specific to the Phone edition so they can't be present in the main ROM, maybe they are contained in the Radio ROM, but probably they are only contained here, meaning you shouldn't remove this cab file.
OEM_WWE_03120301.sa.CAB (named OEM_WWE_03122301.sa.CAB in Qtek ROM)
Installs files for Bluetooth: AudioGW.dll, BthASPlugIn.dll, rilgsm.dll, Serial3.dll and Wavedev.dll. Also contains the new feature of mapping a (dynamic) serial port for BT.
I think you should not remove it.
TM_phone_class10.CAB (not contained in Qtek):
Installs several registry settings regarding phone functionality. (See my other post regarding this topic: http://forum.xda-developers.com/viewtopic.php?t=5539)
TMCOMREG.sa.CAB (not contained in Qtek):
Contains some of the settings contained in the previous one anyway. I'm not sure if it does anything else but I don't think so.
TMD_AP_NL.sa.CAB (not contained in Qtek):
Implements several settings specific to T-Mobile (NL): Restricts video types for MMS. Adds connection and gateway settings for MMS connection via T-Mobile NL. Adds a T-Mobile profile to GPRS Monitor.
I would not install this cab unless you live in NL!
TMD_NL.sa.CAB (not contained in Qtek):
Sets the HKEY_LOCAL_MACHINE\SOFTWARE\OEM\3rdversion\MSYSTEM1 value to the provider name.
Not required!
TMDNLCustomize.sa.CAB (not contained in Qtek):
Adjusts all the "theming" stuff: Changes colors, installs Today-theme, installs T-Mobile Dialpad, sets T-Mobile ringtone.
If you don't like you xda2 look like a pink pig you should leave this out.
(You can extract single items from the cab file if you like)
t-mobile_shortcuts_only(UK).PPC2002_ARM.CAB (not contained in Qtek):
Contains some strange things that seem to me rather useless: "WebDisplayText t-zones", "T-Mobile Resetter.exe", "T-Mobile PIE Launcher.exe", "TMobileWebToday.dll", "T-Mobile Homepage Plugin".
I wouldn't install this one!
Version_AKU1.sa.CAB (Version_AKU1_160.sa.CAB in Qtek):
Seems to only set the version number of the extended ROM in the registry.
3- Modifying and editing your Extended Rom:
Most of the latest XDA2 have a write protected Extended Rom
A) For NOT Write Protected Extended Rom:
If your XDA2 Extended Rom is not write protected just add the new files you want, you can find on the forum many different extend rom files (O2, T_Mobile, Orange) and kitchen your own extended Rom by adding the cab files directly in the Extended_rom directory and soft reset.
B) For Write Protected Extended Rom:
The only way for the moment (until we find a way to make the rom writable) is to use the upgrade programs used by the operators and ER2003Edit program.
1)- Download
http://www.c1au.com/iMatePDAROMS/ruu15283.zip
or
http://www.clubimate.com/Support/ruu113sku1.zip
2) Simply unpack the complete T-Mobile Rom update file (it's a zipped EXE) into a folder.
There you will find these 6 files:
- HimaClearJumpCode.exe
- HimaGetDeviceData.exe
- HimaUpgradeUt.exe
- ms_.nbf <----- this is the file which holds Ext Rom!
- NK.nbf (main rom)
- Radio_.nbf (radio rom)
3) Delete the other *.nbf files to prevent updating the full XDA2/MDA2 rom. You only need "ms_.nbf" and the "*.exe" files!
4) Now modify the ms_.nbf with the tool softworkz kindly provided.
http://wiki.xda-developers.com/wiki/ER2003Edit
5) After this, install the modified ext-rom to your XDA2/MDA2 by starting "HimaUpgradeUt.exe" and follow the instructions!
6) If you get a country code error during the install you will need to modify the country code included in the ms_.nbf file
- Download xda2nbftool
http://forum.xda-developers.com/viewtopic.php?t=5563
- Put xda2nbftool.exe in the same folder as your ms_.nbf file
- Run xda2nbftool.exe from Command Prompt and type the following command
xda2nbftool.exe -so O2 -v ms_.nbf
Replace O2 by your operator’s name (ex: orange, O2 etc)
It should now work!
cheers,
Yann
nice one Yann
Thanks
I had a go at doing the "if your extended rom is protected"
I down loaded the file
1)- Download
http://www.c1au.com/iMatePDAROMS/ruu15283.zip
and accidentally ran it.... I know I was stupid... I now have an I-Mate instead of a XDA - O2. Please help can I get the O2 back is there a programme that does the same as the one I just have used. It has changed every thing the radio stack, the other bits of software, I am just pleased it still works of calls.
I couldn’t find the indivuiual HimaUpgradeUt.exe programme any ware.
Please help I am really stuck at the minute!!
The bit I didn’t understand was the bit about unpack the exe. Which I now understand how to do. Although I have upgraded to Rom 1.52.00wwe, radio version 1.06.01, I can haply say I have the original O2 rom back in place with additional programmes installed in the Ex-Rom. I had a fair bit of space so I popped some music files in as well!!!!
Thanks for all the help!!!!
thanks yann for the perfect summary
as newby i needed something clear like this to dare my first rom changes, and i successfully did!
it would be even more perfect if also somehow the program settings/passwords could be cooked in/restored from the extended rom. i searched the forum but could not find any hints.
Are there methods for this ?
Perhaps a silly question, but I'm fairly conservative when it comes to messing around with my device.
How do you find out or know if your Ext ROM is write protected or not? I know that I can add applications to my Ext ROM and it does not seem like I should be able to do that if it's write protected, but then again I'm not sure if this matters.
Ed
ed, if you can copy files to your ext-rom via activesync, it is per definition not write-protected.
your not that conservative, because you already run a tool or edited the registry to be able to see the ext-rom
ronald,
Well I guess you are right I do like to play around, as I get more comfortable doing so. It is this Forum, guys like you, and some other forums that have made this possible for me to do. For some reason I'm more comfortable in general hacking around a desktop pc than a PPC.
I thought my Ext ROM must not be write protected. When I deleted the TMD files, described here as useless, I got the message that they were read only, but they did go away from the Ext ROM Folder. I do not notice a big difference, however, nor did it free up that much memory. I was thinking that I might need to do more then this. Do I?
So basically, if my Ext ROM is not right protected, and I have been already loading programs into the Ext ROM, I’m pretty much at the place people are trying to get with the Ext ROM Cook ER...Edit. Is that correct or am I missing something here?
Ed
Ed,
I do not like flashing rom (or bios) on either my desktop or PDA (if not absolute sure to fix bugs). However flashing the PDA's ext-rom can basically not screw up the PDA because you don't touch the OS, so I flashed the ext-rom to get familiar with the PDA flashing in general (and also to have a restore of my standard used software after a hard-reset).
About your ext-rom; I do not recognise your situation. I would say if it is read-only the file will not disappear (like with my PDA).
I did notice while editing the ext-rom file for flashing that the file is fixed ~16MB, regardless of which cab's are included or deleted.
Maybe this is the same effect that you see when deleting the file in the ext-rom ???????? (although I can imagine both effects have no relation)
ronald
Camera Programs
Okay,
I made a custom ROM with the following programs:
CAB: \Extended_ROM\CameraRC131_WWE_1.5.sa.CAB
CAB: \Extended_ROM\CallerIDRC11_WWE_1.5.sa.CAB
CAB: \Extended_ROM\MMS1507_WWE.sa.CAB
CAB: \Extended_ROM\GPRSMonitor_WWE.sa.CAB
CAB: \Extended_ROM\Version_AKU1.sa.CAB
CAB: \Extended_ROM\OEM_AKU1_WWE_4AP.sa.CAB
CAB: \Extended_ROM\OEM_WWE_03120301.sa.CAB
CAB: \Extended_ROM\VideoMMS.sa.CAB
Awesome, alot less bloat, but.... Camera doesn't work.. Application says Camera is not a valid Pocket PC application. :: grumble ::
Did I miss something?? Camera.exe is there, but doesn't work
Brandon
My Ext ROM is not write protected, and I'm able to run applications in the EXT ROM Folder. I deleted the 2 TMD and the T-Mobile cab files, but I have not nticed a big difference, nor is my GPRS back to always on, which it should be now.
Perhaps the device requires another hard reset without these cab files in place prior to the changes taking actual effect. Does anyone know if my assumption is accurate about the required hard reset?
Ed
what dictates if the ExtROM is write protected or not? is it the version? or the hardware itself? or a mix of the version with the OS checks?
cuz i believe the ROM version is dictated by the version_AKU1.sa.cab. does that mean we can hack the cab (or use a diff version) to disable the write protection?
i'm using a himalaya btw.
I have a question or two.
I'd also like to know if it is possible to modify CAB files so they install an application and then also put in your purchased key or serial depending on the application so it's already registered to yourself. It seems like it must be possible because the GPRS Monitor on the T-Mobile Extended ROM is already Registered when you try and register it yet I was under the impression it normally has to have a key entered to turn it into the full version with no limits.
This would be great if this was possible, if it's a key file then it's simple to copy it over but how about automatic registry entries? Are these done similar to Windows .reg files? Does anyone have any info if a .reg file can be make and run from the Extended ROM to make changes to the registry? This would also allow me to key in a few other things I'd like presetup.
Is there a way to see what registry changes a CAB file makes other than from purchasing MagicCAB? Is there a free program like this? It seems like a reasonable program from the info but I don't want to spend 10 dollars on a program I might only use once or twice.
Acutally, one more while I'm here. Does anyone have a CAB installation version of CabInstl which puts a shortcut in the Programs or an easy way for me to make that? I've set it up so it will copy the EXE in manually along with a shortcut but I've yet to try it. I think it should work OK I imagine, just might be neater and have an uninstall if it's in a CAB format?
Can you delete files from the extended ROM script? Just so I can clear out a few folders of things I don't want in there when I do a hard reset?
Thanks for all your help. I'm looking forward to making a super kick ass Extended ROM for myself, I'm half way there
Updating the indirect way
Had a few problems with the updating process... and thought i would explain how I got around them!
First I updated to the standard 16007DE ROM
Then I installed the Extended Rom Viewer, and then because it is protected, i copied the contents to my HDD.
Then i tried to open the Rom update from T-mobile with the Extended ROM editor, but kept on getting file access errors The only one i could open was the NL 13006 version. So I changed the splash screen, deleted the origianl contents, and then inserted the contents from my updated original Extended ROM, as well as a few other bits that i could find, IE the extended ROM viewer. It is updating at the moment, So I hope it all works.
I have a few questions though!
Does anyone know a way in which I can automatically install a few themes, and a few ringtones? I have a few MIDI files that i want to be installed into the windows\rings folder, and the themes need to go in a folder called themes in My Documents. I also wanted to ask if there is a way to extract the CAB from another program, for instance Voice Commander. It is an MSI, but only works in windows!!!
Any help would be greatly appreciated...
Greets from Hannover, Germany
Juggs :?
Is this going to work:
- Download ER2003Edit
- Download the O2 XDA2 ROM 1.60.50
- Download the T-Mobile MDA2 ROM 1.60.36
- Remove O2 apps i don't want to use
- Add applications from T-mobile rom which i want to use
- Change ROM provider from O2 rom to to T-Mobile
- Save new O2 ROM and upgrade
But... I want to add custom ring tones to contacts, and if possible also want to add custom picture. Also my camera must be able to work. Which software do i need for this?
Because.. All i want to upgrade is today theme to O2's and also the software to 1.60.50... Does the O2 rom also has an "TMDNLCustomize.sa.CAB" ?
Greek full support language for qtek 2020
Hello,
this is a very intresting site!
Can anyone tell me is exist & where can i dinf an extended rom for qtek 2020 with full support of greek language?
Also there any newer version than the 1.66.00 wwe extended1.66.130 radio 1.10.00 wihich my qtek 2020 has??
best regards
george
A) For NOT Write Protected Extended Rom:
If your XDA2 Extended Rom is not write protected just add the new files you want, you can find on the forum many different extend rom files (O2, T_Mobile, Orange) and kitchen your own extended Rom by adding the cab files directly in the Extended_rom directory and soft reset.
B) For Write Protected Extended Rom:
The only way for the moment (until we find a way to make the rom writable) is to use the upgrade programs used by the operators and ER2003Edit program.
Click to expand...
Click to collapse
2 questions for you,
1. how do i know whether my rom is the editable 1 or the non editable one?
2. I tried option A, just mergly adding the CAB files into the EXTROM but... when the hard reset was perform it did not install the CAB files i added in? what could be the prob i know there is a "autorun.exe" in it but i dunno whether will it affect the process. I also notice a "config.txt" in the extrom, tried editing it but it seems that nothing happen
Reason for adding the cab files is because i was using a 1.72.00 rom with radio stack 1.12 but intend to change it to radio stack 1.14 and also try cooking up my own rom in the ktchen but after doin so its like nothing happen. need some advice for cooking roms in the kitchen been searching the forum... found a few but its all talking about Linux platform.
Hi Kelvin,
1)
The way to know if your rom is not writ protected is if you see a folder called extended_rom in the root of XDAII and if you can add files in it.
If not, there’s a nice tool to make the extended_rom visible and to make it writable.
http://forum.xda-developers.com/viewtopic.php?t=8422&highlight=extended+rom+hide
2) The config.txt is made to lunch the programs in the extended rom when you hard reset the XDA or when it starts for the first time.
You just need to put the cab files in your extended_rom folder and edit the config.txt this way:
Exemple:
I added the cab file vxIPConfig.ppc3_arm.CAB in the folder extended_rom
and added this line in config.txt
CAB: \Extended_ROM\vxIPConfig.ppc3_arm.CAB
Cheers,
Yann
hi yann,
i tried doing that way as i figured out that config is like a startup "prg" to actually start the programs installing when hard reset is performed. But the thing is i cannot make the programs i added in the install after the hard reset is perform. I don't know why but the rest of the cab files can be done. Do adding of all this cab files into the ROM consider cooking ROM??? not really fimilar with the terms of cooking ROM unless that is the way.
Hi guys,
a new version of ER2003Edit is available from the wiki page:
http://wiki.xda-developers.com/wiki/ER2003Edit
New features and improvements:
- provides support for the new upgrade tool version (0.9.1.0) used by the latest T-Mobile and O2 updates
- supports editing of the header information (DeviceID, Operator and Language) in order to circumvent the country code error
- some other fixes and improvements
Best regards,
softworkz
Thnx dude! At last we got a program to modify the header. I guess this makes a lot of XDA owners very happy.
Great work!
Late...
Thanks Softworkz, great work again. It really looks like an even more powerful tool, but there seems to be a little bug (or I am doing something wrong):
After upgrading ER2003Edit to the new version, I cannot open the ms_.nbf anymore. When I try to open the file, ER2003Edit always crashes, although I left the file unbmodified.
Downgraded to the old version again and there it works, although I have to decode and encode the files by myself.
Any suggestions?
No problems opening the ms_.nbf here after doing the upgrade. Running Win XP sp1.
Try uninstalling the old one completely then install the new one...
Works great!
Late...
is it a misunderstanding between header-information and encryping ???
I think Er2003edit does not do the encryption/decryption so far.
Hey Softworkz...
this would be a great improvement as I guess all coming
extended roms will be encrypted.
Alex
Tried uninstalling and re-install but that didn't help. As far as I remember, Softworkz tool is not able to edit encrypted ms_.nbf.
But on my machine (Win XP pro 2002 SP1) the program always crashes when opening an non-encrypted ms_.nbf...
I will use the old one as a workaround, I don't need to change the header so this should be fine.
some programming tips:
It should not be very difficult to implement the xor decryption, just xor each DWORD in the file with 0x25863614 after loading it in memory, and before saving it back to the file.
also, if you verify the header checksum after loading the file, you should be able to detect that the file you are loading is actually a decrypted nbf file.
and another check to see if at offset 0x70040 there is a valid bootsector, with
the 'MSWIN4.1' and 'FAT16' strings should prevent it from crashing on invalid files.
Ouch, I just found out that the wrong version of xda2tools.dll was included with the setup. I have made available a new version (1.2.20) to fix this. (see wiki page)
Some details about ER2003Edit:
You do not need to uninstall old versions before installing newer ER2003Edit versions.
The new version (1.2.x) is able to perform XOR-De-/Encryption. When opening an extended ROM file ER2003Edit first checks if it is encrypted by looking for the presence of the dashes in the header.
If those are present in the right places ER2003Edit opens the file as usual. If the dashes are absent ER2003Edit tries to decrypt with all of the three XOR-Passwords (). If none of those passwords produces a file with a correct header a prompt is shown which lets you enter your own password.
The decrypted (or a copy of the unencrypted) ROM file is saved to the temp folder. When saving with ER2003Edit the file is encrypted again (in case the original file was encrypted) and is saved to the original location overwriting the initial file.
Itsme: The "dash-check" was used because the CRC-check in your code was always true (didn't look into it further).
The new version supports auto-detection of the ROM type in order to edit the header of the other 2 ROM files (NK and Radio_), too. The "error accessing image files" message is now suppressed for these files.
Nevertheless modifying the header of those files is useless and I didn't figure out how to access the file structure in those files (doesn't look like a FAT image).
Best regards,
softworks
Okay, that explains the problems I experienced. As soon as I am back home I will give it a try. If it works it will be a nice & powerful tool...
==> seems to work perfectly. So there are no more obstacles. Next stage will be an Upgrade to 1.66.xx... :shock:
ok, now it works.
currently, a non-matching crc value only results in a printed warning, maybe I/you could add an extra parameter to the file processing functions, which get the result of the crc-check.
or maybe even better, raise an exception, for the warnings.
ER2003 crashes opening new O2 extended ROM Files
Hi softworkz,
first off all thanks for your great work!
Using the new version of er2003 i cant open the ms_.nbf file of the latest O2 upgrade (1.60.52). It crashes every time. Opening and editing my self created ext. ROM based on T-Mobile Update 1.60.07 works great.
Whats wrong with my installation? If you wish i can send u my Win XP error report.
Escargotet
Sorry for posting, was 2 stupid to read forum first!
Sorry for posting, was 2 stupid to read forum first!
Hi all
Please help to clarify as there are some inconsistances...
(or I am wrong, but will run into this problem)
Er2003edit will try to modify the header information in the NK and Radio_mbf but this will not be successfull and I still will get the Country ID error, is that right ???
As far as bobopopo expierenced the new upgrade utility will not run parts of the upgrade but rather leave the machine useless.
So there is a missing link...
Alex
itsme said:
ok, now it works.
currently, a non-matching crc value only results in a printed warning, maybe I/you could add an extra parameter to the file processing functions, which get the result of the crc-check.
or maybe even better, raise an exception, for the warnings.
Click to expand...
Click to collapse
The CRC check does not work in your code. XORing with a wrong password results in the following message:
WARNING: this does not look like a nbf header, possible you provided the wrong password
But this gets printed as a result of the "dash-check". If the crc-check would fail, a different message would be printed:
WARNING: checksum is not ok, possibly you provided the wrong password
But this message never gets printed because (filecrc != crcsum) never occurs (for whatever reason).
Xant said:
Hi all
Er2003edit will try to modify the header information in the NK and Radio_mbf but this will not be successfull and I still will get the Country ID error, is that right ???
Click to expand...
Click to collapse
No. Er2003Edit can open NK and radio ROM files and edit the header. Er2003Edit automatically re-encrypts the newer ROM files (XOR-Method).
Er2003Edit decrypts older ROM files (DES-Encrpytion), lets you edit the header and save the file but it does not re-encrypt these ones (use xda2nbftool). A message is displayed in this case to remind you to encrypt the file.
Xant said:
As far as bobopopo expierenced the new upgrade utility will not run parts of the upgrade but rather leave the machine useless.
Click to expand...
Click to collapse
AFAIK the upgrade tool will only look at the extended ROM's operator field. Anyone please correct me if I'm wrong about that.
softworkz said:
Xant said:
As far as bobopopo expierenced the new upgrade utility will not run parts of the upgrade but rather leave the machine useless.
Click to expand...
Click to collapse
AFAIK the upgrade tool will only look at the extended ROM's operator field. Anyone please correct me if I'm wrong about that.
Click to expand...
Click to collapse
I confirm what bobopopo claims, i tried only flashing the ms_.nbf, and it totally messed up my machine (stuck in bootloader), i had to reflash all three to get it to work again
nargalzius said:
softworkz said:
Xant said:
As far as bobopopo expierenced the new upgrade utility will not run parts of the upgrade but rather leave the machine useless.
Click to expand...
Click to collapse
AFAIK the upgrade tool will only look at the extended ROM's operator field. Anyone please correct me if I'm wrong about that.
Click to expand...
Click to collapse
I confirm what bobopopo claims, i tried only flashing the ms_.nbf, and it totally messed up my machine (stuck in bootloader), i had to reflash all three to get it to work again
Click to expand...
Click to collapse
I knew about this. I was just stating that the header of NK and Radio is irrelevant for the upgrade tool and is not responsible for the country code error.
SPV M1000
Does it work with SPV M1000 version
loade ER2003 started it and stay on the ROM info screen :?
Hi,
As I'm a curious electronics engineer type, I have a few questions regarding the IPL, SPL and CE kernel.
1. Am I correct in thinking that the IPL simply loads the SPL into RAM and starts executing it?
2. Is the SPL providing the low level flashing interface and the setup code necessary to load the kernel into RAM? Does it provide any low level interfaces for the CE kernel?
3. I note that the OS portion of my flash has three partitions, what are the first two small ones for?
I've had a search on the net and I can't find many detailed answers to these questions so I thought I'd ask them here. Any help is greatly appreciated.
sjbale said:
Hi,
3. I note that the OS portion of my flash has three partitions, what are the first two small ones for?
Click to expand...
Click to collapse
The first two contain the OS core in XIP format (although they still need to be copied to RAM before execution). One is the kernel for normal operation, the other is used when Windows Update flashes the ROM (it'll not overwrite anything, just add to the existing data). They can be dumped from a ROM upgrade file and edited with RomMaster and dumprom.
The third partition is an IMGFS file system. It contains all the other files needed to make your device work. It can be dumped from a ROM upgrade file and edited with the Imgfs Tools.
There is actually a forth partition in the partition table - the Storage area. This is a FAT partition. It is only in the partition table, but there is no additional data in the ROM packages. During a hard boot, the OS will format that partition.
Cheers
Daniel
Thanks for the reply. I didn't think that the CE kernel was loaded during the flashing process, I thought the SPL provided the flash interface?
Out of curiosity if am I correct in thinking that the only way to brick the device is to damage the IPL/SPL or bugger up the radio ROM so that the SPL can't return a CID. If the actual OS portion of the flash contains bad blocks will this still prevent future flashing?
sjbale said:
1. Am I correct in thinking that the IPL simply loads the SPL into RAM and starts executing it?
Click to expand...
Click to collapse
Not "only", it initializes the hardware (processor, sdram, etc...), setups the physical to virtual mapping table, reads SPL from NAND puts it into RAM and jumps into its address.
If you want it more in depth, disassemble the IPL.nb file with IDA Pro. Code entry point at 0x0000000. And consult the SC32442A processor manual while following its flow.
sjbale said:
2. Is the SPL providing the low level flashing interface and the setup code necessary to load the kernel into RAM?
Click to expand...
Click to collapse
Yes.
Again, IDA Pro is your friend In hermes the SPL expects to be executed from virtual address 0x8c080000 which is physical 0x30080000.
sjbale said:
am I correct in thinking that the only way to brick the device is to damage the IPL/SPL or bugger up the radio ROM so that the SPL can't return a CID.
Click to expand...
Click to collapse
Yes, you are correct. It is also possible that NAND blocks are marked as bad when incorrectly flashing service byte 517th, read more on Des comment here.
sjbale said:
If the actual OS portion of the flash contains bad blocks will this still prevent future flashing?
Click to expand...
Click to collapse
Depending on how many bad blocks. I've seen a hermes die completely during the 2nd flash on a NAND with a lot of marked bad blocks.
Okay, I think I understand. So once the 517th byte of a flash block it set to non 0xFF it's permanent and can't be restored? The next flash won't be able to write to that block? Hmmh, dangerous!
Now all I need to do is find the £300+ quid for an IDA pro license. I'd better get back to what I'm supposed to be doing, time to put my RF hat back on
Yes, that's right. We haven't found a method to restore yet, but sure it is possible to do it because the marked bad blocks are not real bad blocks.... probably the way to go is patching a SPL which will never flash service data bytes from data taken of a file. Des and Olipro know more on this matter, you should ask them if you really want to get involved on some development
BTW, you can use the IDA Demo version available for free download if you don't want to spend the money just for disassembling IPL & SPL.
And there are other free alternatives, I sometimes use radare which is very helpful too, but you should have a *nix system.
Hello guys i have just moved from HTC Wizard Thread because i have sold my old Wizard and have bought my brand new T-Mobile MDA Vario IV. Flashing, Dumping, etc on Wizard was really simple. But in Touch Pro i cant get through the all things. Maybe it is my not very good technical english or something. All i do is just reading and reading and cant get through. So I have still my stock ROM for Vario IV wich is even slower than Wizard custom ROMs, so its annoying a lot and it is still slow after i made all the registry tweaks! I would like to flash new faster ROM but i do not want to do it until i am sure i could reconstruct my stock ROM in case of some warranty isues. First thing i want to say is that i use Windows Vista Bussines x64 so maybe all my problems are in the case of 64bit drivers, but i did not find any compatibility information about all the utils.
1. I went to the thread how to dump and reconstruct Touch Pro ROM. I made all the necesary things but i cant even extract any raw file still get ITReadDisk error which i find in the thread but i did not get any solution.
2. I have downloaded T-Mobile ROM from czech T-Mobile official pages extracted the file RUU_signed.nbh, but i do not know how can i extract it. ROM kitchen did not help, or even if i can use it to reconstruct :-(
3. I tried NBHextract file but i think it is not usable for Touch PRO. I got few files SPL, 2x MainSplash and OS image, all *.nb, but i am not sure if i can use it to reconstruct original ROM.
Point of this, why i want ot do it is: I want to load HardSPL but i want to have backup of my stock SPL if i need to revert my warranty. Any help would be appreciated
I use Calkulin's Kitchen, which makes it easy to extract the RUU_signed.nbh and rebuild it. See the thread here or download the kitchen.
What program did you use to extract the ROM from your device? I used pdocread which worked great. Not sure if that works on Vista x64.
rsw686 said:
I use Calkulin's Kitchen, which makes it easy to extract the RUU_signed.nbh and rebuild it. See the thread here or download the kitchen.
What program did you use to extract the ROM from your device? I used pdocread which worked great. Not sure if that works on Vista x64.
Click to expand...
Click to collapse
I used pdocread.exe file but anytime i tried to dump rom i got the ITReadDisk Error, and any RAW file was not made just the first one with 0B size. Also i have downloaded the Raphael kitchen from http://forum.xda-developers.com/showthread.php?t=411915 and my Symantec endpoint security reported Trojan Horse in RaphaelCustomRUU.exe in Tools directory.
Sounds like it is not 64bit compatible. Any reason your running 64bit Vista? Unless you have a need for it your not going to see much performance difference on a desktop, just a hassle of compatibility problems with hardware that doesn't have 64bit drivers.
If you use Calkulin's Kitchen you will need the imgfstools from the Raphael kitchen you downloaded. They have been patched to allow ROMs to be larger than 128MB.
reason i run 64bit vista is that i have 8GB of RAM because i need to run multiple os in vmware. Will try it from win xp in vmware...
Anyway. Can i flash original ROM with all its parts shipped from T-Mobile to a device which has HardSPL applied? If i did that on HardSPLed HTC Wizard, i would have brick it...that is why i am asking.