Related
For those familiar with it, what do you know about DREADIAG.nbh?
The image I have is locked to a CID. I have a US phone and the image's CID does not match. So, this diag image is either for UK phones or is internal to HTC to keep the general public from using it. I had to use a goldcard image to load the diag on my retail G1.
Every time the diag tries something with my radio it hangs and I have to press end to cancel that part of the test. The diag must use the radio firmware currently flashed to the device ad the diag image is only about 321k and the radio image is much larger (~8967k zipped).
I will try not to pollute this thread with details of the problem I'm having but I think it's due to an issue with some G1's and firmware < RC33, perhaps the radio. My phone hangs on boot (I'll add a link to my other thread).
Some other things I'm wondering about this image:
-Various use of RUU (Rom Update Utility) from HTC to manipulate the phone.
-Is there away to get a fastboot interface with it? That could lead to an alternate rooting method.
I will followup with a link to DREADIAG.nbh and the version # of what I have, and the service manual which contains some info about it. If you're going to experiment with it don't mess around with the tty interface you can connect to or you mar brick your phone (see http://forum.xda-developers.com/showthread.php?t=487945 ).
Thanks,
HDN
A search for the searvice manual:
http://www.google.com/search?hl=en&q=+HTC+Dream+SM+(A04).pdf&btnG=Search&meta=
My G1's problem:
http://forum.xda-developers.com/showthread.php?t=510327
However, I can no longer find a link to DREADIAG.nbh. If anyone has a link can you post it?
Thanks.
where did you get the download for the DREADIAG.nbh? there is a link in the how to root your phone thread that links you to the .nbh of RC29 and you just have to rename it to DREAIMG.nbh
usually there is no difference between the diag and the img, but out of curiousity how long did you let it "hang" before you canceled the process. cancelling a .nbh flash can be very dangerous ESPECIALLY if you have not already attained root
tubaking182 said:
where did you get the download for the DREADIAG.nbh? there is a link in the how to root your phone thread that links you to the .nbh of RC29 and you just have to rename it to DREAIMG.nbh
Click to expand...
Click to collapse
I know that. DREAIMG.nbh and DREADIAG.nbh are different things. You don't flash your phone with the contents of the diag image, it runs more like a live boot and has diagnostic utilities.
but out of curiousity how long did you let it "hang" before you canceled the process. cancelling a .nbh flash can be very dangerous ESPECIALLY if you have not already attained root
Click to expand...
Click to collapse
I didn't cancel anything. Read linked thread.
i think there is this image:
http://www.megaupload.com/?d=7NRX7H40
can anyone help with this problem as its doing my head in lol ive flashed loads of roms and flashed the ics rom which i have done before but this time for some reason i have LIMITED SERVICE so installed official stock europe ruu rom and still LIMITED SERVICE can anyone help please...
Have ou flashed an ics base/firmware ( like 3.24,3.25,3.30 and 3.30) before to flash the ics rom?
no i didn`t is there a way to fix this?
just checked and my bootloader now says LOCKED and i unlocked it a few days ago from htc website
desperate for help now as i can`t even fastboot root or run revolutionary to get unlocked again and when i use htc official bootloader unlock it allows me to get to the unlock screen where it says up/down to unlock bootloader but only lets me enter the no for don`t unlock as when i try to select unlock bootloader the power button doesn`t do anything help
Locked can be becuase you have flashed a 3.25 firmware non-unlocked
It says locked but is only for fastboot command, the rest in unlocked
So my question is: have you flashed 3.24/25 firmware?
I don't understand why you have unlocked it with htcdev method...
i used RUU_Pyramid_HTC_Europe_1.45.401.2_Radio_10.56.9035.00U_10.14.9035.01_M_release_208857_signed.exe
erto90 said:
So my question is: have you flashed 3.24/25 firmware?
Click to expand...
Click to collapse
Also, do you have superCID? Perhaps the radio version in the ruu you ran is conflicting with your device. If you perform superCID then you can flash any ruu, or any firmware, and try a different radio.
HTC.dev unlock does not let you flash radio.img, so I'm sure this is why the limited service problem is occurring.
Sent from my Pyramid-T
i`m super cid 11111111 s-0ff and have managed to fastboot recovery back on to my sensation i have noticed in bootloader i now have extra features such as MFG KERNEL? my HBOOT is 1.17.2008 just flashed a custom rom ARHD which installed but still limited service and the option to turn on mobile networks isnt highlighted so can`t switch on data services?
karaduke said:
i`m super cid 11111111 s-0ff and have managed to fastboot recovery back on to my sensation i have noticed in bootloader i now have extra features such as MFG KERNEL? my HBOOT is 1.17.2008 just flashed a custom rom ARHD which installed but still limited service and the option to turn on mobile networks isnt highlighted so can`t switch on data services?
Click to expand...
Click to collapse
OK, you have the engineering hboot there. It should just be a case of updating the firmware (and hence hboot) to whatever the rom requires.
Check the firmware/partitions info in dev forum.
Sent from my Pyramid-T
tried everything now and stuck on what to do??? managed to download voda uk firmware from filecrop which took about 2hrs to download grrr can i send this back to voda and say the signal has gone??
ARHD recommends 3.32 firmware plus ext4 recovery. Try flashing both these (links in the rom thread) to see if it helps.
If not, run appropriate ruu, replicate the problem on stock rom, then by all means send it in!
Sent from my Pyramid-T
Been trying all day and still no joy. Think i have figured out why i have limited service and think its because my imei number has changed somehow. And don't know how it happened. Can anyone give me a tutorial on how to write my imei number back.
Read this thread, someone else had the same thing happen, lost his IMEI and it is recoverable.
http://forum.xda-developers.com/showthread.php?t=1413728
here is the solution
Originally Posted by mert72
strings -n 8 /dev/block/mmcblk0p6
this is not the only block that has your imei #. it is also stored in mmcblk0p4 and mmcblk0p5.
since you're justy trying to recover your own imei and not change it to somebody else', i'll help you out.
i've altered this guide for the blocks that store our imei.
http://pastebin.com/BFSAZkVQ
#
1) Root Phone
#
2) Install Busybox (make sure its installed properly)
#
3) Install Android Terminal Emulator
#
4) have an sd card in and type the following command;
#
#
type in "su" (without quotation marks) in android terminal emulator to gain super user access.
dd if=/dev/block/mmcblk0p4 of=/mnt/sdcard/pa4.img
dd if=/dev/block/mmcblk0p5 of=/mnt/sdcard/pa5.img
dd if=/dev/block/mmcblk0p6 of=/mnt/sdcard/pa6.img
back these up (make a copy), just in case.
#
#
(this will copy the hidden partition to your sd card in a file called pa4,5,6.img)
#
#
5) Get a hex editor from the internet and open the file pa4,5,6.img. Locate the current imei # that you want to replace with your own imei (use the "find and replace option" of the hex editor). Change it to your personal imei #, but be aware if you change it to an actual imei of another phone you are essentially cloning that phone and will have problems.
#
#
6) Copy file back to sd card and put back in phone. Type this:
#
#
dd if=/mnt/sdcard/pa4.img of=/dev/block/mmcblk0p4 (rewrites the partition with the image file you just edited)
dd if=/mnt/sdcard/pa5.img of=/dev/block/mmcblk0p5
dd if=/mnt/sdcard/pa6.img of=/dev/block/mmcblk0p6
#
#
7) reboot and pray.
once again, this guide is only meant to help people looking to restore their own imei numbers.
p.s. i'm surprised that your phone won't pick up any signal with the changed imei, though. unless it was blacklisted by your operator, it technically wouldn't matter what imei number it is. and it is very strange that your imei would change by just flashing a firmware and a rom.
--------------------------------------------------------------------------------
Last edited by RussianBear; 21st February 2012 at 12:05 PM.
Nice one will give it a go and post back
karaduke said:
Nice one will give it a go and post back
Click to expand...
Click to collapse
read the entire thread because there was a second solution on the last page, good luck
I have tried everything i could think of and can`t go any further now i can`t even root/recovery the damn thing... it`s only about 4-5 days old so can i take it back to a vodafone store and say theres something wrong with it? will they just change it for a new one in store as its only a few days old or would they more than likely send it off for repair??
karaduke said:
I have tried everything i could think of and can`t go any further now i can`t even root/recovery the damn thing... it`s only about 4-5 days old so can i take it back to a vodafone store and say theres something wrong with it? will they just change it for a new one in store as its only a few days old or would they more than likely send it off for repair??
Click to expand...
Click to collapse
Vodafone uk give you 7 days to return and change for new or alternative handset.
i didn`t know if i should flash something on it to brick it as if they look at the mismatch imei number they might think its something ive done to the phone or should i leave it how it is...
karaduke said:
i didn`t know if i should flash something on it to brick it as if they look at the mismatch imei number they might think its something ive done to the phone or should i leave it how it is...
Click to expand...
Click to collapse
It's a tricky one. Of course, it's entirely up to you what you decide to do, but you could just take it back to store as it is and say that there is something wrong with the handset. As it is under seven days old, they may just exchange it, no questions. Also, you often find that in store, they are not so clued up on flashing, rooting etc. so would not necessarily know what has been going on. But, you may be unlucky and get someone who is clued up. If this is the case, you may want to take the phone away with you and rethink what to do. You can always take it back to a different store (if you really want to purposely brick it). Another thing you can try, is speaking to vodafone customer care, and, again, because it's a new phone, they may just send you a new one at the same time time you send the faulty one back. (Vodafone did this with a faulty Nokia N900 I had) Entirely up to you.
Which mmcblk0p contain hboot version and if the device is locked relocked or unlocked?
Try to find a thread when myself and amidabuddha tried to find out if it's possible to change status from relocked to locked. I was trying to recompile gfree for Gingerbread in that thread, just to find out that the vulnerability has been patched in GB. AFAIK it was partition 7.
In any case, bootloader version is written in hboot partition (just a part of HBOOT, easily modifiable) and has nothing to do with locked/relocked/etc status.
Jack_R1 said:
Try to find a thread when myself and amidabuddha tried to find out if it's possible to change status from relocked to locked. I was trying to recompile gfree for Gingerbread in that thread, just to find out that the vulnerability has been patched in GB. AFAIK it was partition 7.
In any case, bootloader version is written in hboot partition (just a part of HBOOT, easily modifiable) and has nothing to do with locked/relocked/etc status.
Click to expand...
Click to collapse
http://forum.xda-developers.com/showthread.php?p=33610213#post33610213 , i found this thread for Evo 3D and thought maybe it could work for Desire S
Might be possible, but definitely not "as is".
Here's a partition list for DS:
http://forum.xda-developers.com/showpost.php?p=28841748&postcount=3
I couldn't find the same for Evo 3D GSM, but what I found wasn't fitting this list - which likely means that there will be another partition and another offset used.
EVO 3D GSM seems similar in partition layout to Sensation:
http://forum.xda-developers.com/showthread.php?t=1168521
If you want and have unlocked/locked bootloader, you can dump 3 partitions - 7, 17 and 23 - and try to look manually for the string (HTCL/HTCU) in them. I don't think there's a chance this string will be present in any other partitions. But you can try.
I have a rooted S One that seems to have lost its root access and signal after OTA update from Bell - the phone was bought on eBay as an "unlocked sealed" item, which wasn't the case. I want to restore the phone to stock and SIM unlock it for use with Telus, but there's no 1.84 RUU for Rogers available. I just want to confirm I can't restore the phone to stock without the 1.84 RUU. Or, if there's an alternative to get it working again, what that alternative might be and where to start. Thanks for any help.
tykidd66 said:
I have a rooted S One that seems to have lost its root access and signal after OTA update from Bell - the phone was bought on eBay as an "unlocked sealed" item, which wasn't the case. I want to restore the phone to stock and SIM unlock it for use with Telus, but there's no 1.84 RUU for Rogers available. I just want to confirm I can't restore the phone to stock without the 1.84 RUU. Or, if there's an alternative to get it working again, what that alternative might be and where to start. Thanks for any help.
Click to expand...
Click to collapse
Post is a bit confusing. You talk about Bell, Rogers, and Telus all at once. Also, if you got an OTA update from Bell, you will only be able to execute an RUU that has an hboot version equal to or higher than your current one.
If you are looking for a more recent RUU than the ones posted on http://forum.xda-developers.com/showthread.php?t=1543588
then I suggest you send a private message to Football, the user who started that post. He helped me find newer Bell Mobility RUUs (which have since been posted to the thread).
Your other option is to do a bootloader downgrade (see the dev post on this, its a bit complicated), and then you can flash other radios from http://forum.xda-developers.com/showthread.php?t=1998270
If you dont want to downgrade your bootloader, you can always flash to a CM10 base (AOSP type) ROM, such as PAC Man, or Jelly Bam, etc. Then you can flash radios without having to downgrade.
Again, though this is all assuming that your true problem is with you baseband radio and now switching carriers has made your reception poor...
Also remember you will have to relock your bootloader before you execute an RUU, otherwise it wont take (that and a correct bootloader version)
AKToronto
Thanks for the info. The phone is a sim-unlocked Fido unit. It was running on Bell before the OTA update.
Here are the specs:
Android version: 4.0.3
HTC Sense version: 4.0
Software number: 1.84.631.9
HTC SDK API level: 4.11
HTC Extension version: HTCExtension_403_1_GA_4
Build number: 1.84.631.9 CL64348 release-keys
Is the "build number" the RUU? I'll try Football, but do I need the Rogers (Fido) RUU?
Thanks.
you can not execute an rogers ruu on a bell phone, the cid wont match
there is an app on play who will display you the cid and the original network; like that you'll know exactly what phone do you have in hand
you just have to unlockit after and you will be able to useit in whatever network you want
Thanks. Ran CID getter and says it's ROGER001. So I've confirmed that I need a Rogers file. And I would like to unlock it, but from what I've read I cannot restore back to Rogers 1.70 because the unit has been updated to 1.84. I have read that if I can find a 1.84 Rogers file, I can use that to restore the unit. This is the next thing I need to confirm. I appreciate your help.
I think that is almost correct. You can change the CID to the Rogers one using the same technique as posted in the super Cid thread in the development section. Normally though you can't flash an older ruu as the hboot version can't be older. But You may also want to try posting a message in the bootloader downgrade thread that is stickied to n the development section. I think if you downgrade your bootloader and also do a minor hex edit to a partition you can flash an older RUU. I have downgraded my bootloader but haven't tried flashing an older ruu so I can't say for sure.
Sent from my HTC One S using xda premium
Thanks again. So I can assume the CID is already Rogers, yes? I don't want to change it. My hope is that I can use the All in One Toolkit (one of the sticky posts) to bring the phone back to stock and then SIM unlock it for use with Telus. If I run the Toolkit, and use cbetso's instructions from the "How to Return to Stock" post (after adding the stock recovery to the folder). If I locate the Rogers 1.84 RUU, can I run it without downgrading?
don't assume, your cid is rogers ROGER001, so there is absolutely no way your phone could download and execute an update from bell.
so I can not understand what has bell to do in this.
if you just want to use it on telus network, you just have to unlock it, you don't even need root for this. and the phone will work just fine.
the root is needed when you want to change ROM, radio, debloat and others.
one of the others will be tweaking the build.prop file to achieve maximum capacities of your 3g/4g desired network
Thanks - it's a difficult story to tell, really. It was a Rogers unit, SIM unlocked to work with Bell. It was on Bell's network for two months, and an OTA update caused major radio and reception problems. It will not keep a network signal anymore. I have tried other SIMs in the unit and it will not recognize them, nor start up with the "Enter Unlock Code" screen to SIM unlock it. It's my understanding that I need to return it to stock by finding the Rogers RUU file that matches the software version on the unit, which is 1.84. This is my very limited understanding of the issue, but it's what I've been able to figure out.
if it was a rogers device, and you did not change the CID, you get the ROGER001 cid with the app, your phone is still a rogers device
doesn't matter in which networks was used, for the two months before you get it, and by you after
as long the cid stays ROGER001, your phone will remain a rogers device, unlocked to be used in different networks.
so there is absolutely no way an OTA update, from bell or telus could be the source of your problems, because your phone will not download or execute an ota update from other networks
same for rogers ota update, as long the phone was unlocked, will not execute OTA updates, even the updates will be downloaded on the phone
your connection problem came from other reasons;
however it you want to return the phone to rogers stock, the key number is HBOOT version;
you can execute any RUU with HBOOT version higher or equal with your present version on the phone
if somehow you're on a very high version and you can not find the appropriate RUU, we can always downgrade RUU, check development section for tutorial
it's not very simple, but as long you're ok and you understand the steps, go for it, it is doable.
if you have root, you might try different radios before all above, or maybe a custom rom; just an ideea; as long the phone is not soft bricked or physically damaged, there is no reason a custom rom will not work
Thanks for the information. There seems to be other problems with the unit, including it won't delete all data after hard reset, it won't recognize other networks when other SIMs are put in, it has been upgraded past the 1.70 stock Rogers RUU. I wish I could get it figured out or I may have to sell it as is. Appreciate your help.
factory reset in fastboot didn't work?
means you're on some custom rom with non stock recovery?
have you tried to flash a stock recovery? any of them, whatever you'll find around here; there are no much difference in term of facilities between them;
then you should be able to restore phone to factory defaults
try find somewhere All in one kitt one S v1.0; there is stock recovery in it, and flashing is easy
in v1.1 there is no more stock recovery
donwload ruu or open up ruu..when it first starts go into your windows manager and in the link section delete what you have in that section like c:/program files and replace it with %temp% and it will find two encrypted folders with a big letter/digit name and they will show you what time they were opened . open them up and find rom.zip copy it to your desktop and then extract it somewhere safe .. in the folders in rom.zip you will see recovery_signed.img rename it recovery.img and flash it via hasoons tool kit provided in the development section..just in case you ever run into this again
Thanks. Can I flash a stock recovery in the All in One Toolkit without having the proper RUU version I need? Will this allow me to factory reset the phone, and the radio issue is another unrelated problem? The unit is supposed to be SIM unlocked, but when I put another carrier's SIM in, I still have no radio and I do not see the screen that says "unrecognized SIM" with an "enter unlock code" option.
tykidd66 said:
Thanks. Can I flash a stock recovery in the All in One Toolkit without having the proper RUU version I need? Will this allow me to factory reset the phone, and the radio issue is another unrelated problem? The unit is supposed to be SIM unlocked, but when I put another carrier's SIM in, I still have no radio and I do not see the screen that says "unrecognized SIM" with an "enter unlock code" option.
Click to expand...
Click to collapse
Not sure about your radio issue, that would require testing out different radios. You can do that on a higher hboot by trying AOSP ROMS and using the Radio flasher in the dev forums.
As for flashing stock recovery you can also just use the following link: http://loadbalancing.modaco.com/down...ery_signed.img
The stock recovery doesnt really change from RUU to RUU. You dont need a particular recovery to use a particular RUU, as far as I know.
Thanks - you wanna take another look at that link? It didn't seem to be anything. Or do I need to change the extension?
tykidd66 said:
Thanks - you wanna take another look at that link? It didn't seem to be anything. Or do I need to change the extension?
Click to expand...
Click to collapse
http://loadbalancing.modaco.com/download.php?file=ville_recovery_signed.img
Try that. Sorry about the other link
I maybe miss it, but you never said what is the exact status of the phone right now;
it is booting? it is working on some network? at least partially like voice only? what ROM are you on? what HBOOT?
Hi there - thanks for getting back to me and asking. The phone seems to be booting normally and always has been. It is not able to recognize any new SIM card. It's a Rogers unit, and when I add my Telus SIM it does not go to the "Unrecognized SIM" screen, it actually registers the TELUS network for a moment, then the radio gives no signal.
How can I check the ROM, 'cause I have no idea. Is the HBOOT in these specs?
Android version: 4.0.3
HTC Sense version: 4.0
Software number: 1.84.631.9
HTC SDK API level: 4.11
HTC Extension version: HTCExtension_403_1_GA_4
Build number: 1.84.631.9 CL64348 release-keys
Thanks again.
for the Hboot version you have to reboot in fastboot
for recovery reboot into recovery
for the ROM version, once booted normaly you have to go into about phone > software
are you sure you have the right settings for Telus APN? for some reasons, the phone will not registered to network, if apn setting are wrong;
at least for me, which I'm opposite to you as I have a telus phone and using it in fido network, if I dont have Fido APN setted up, the phone does not register to network
with new windows phone recovery-tool 2.0.3+: http://go.microsoft.com/fwlink/?LinkID=525569
it downloads the RUU nbh and the UEFI nbh to the following path:
C:\ProgramData\HTC\Packages\Products\0P6B1400-T-MOB010
named like:
RUU_signed_2061.30.15001.531.nbh
UEFI_signed_2061.30.15001.531.nbh
i grabbed the download links with fiddler for people without the device:
Code:
https://softwarerepo.blob.core.windows.net/softwarerepo/80c33a50-3c4b-448b-9981-e5cd74d32236/UEFI_signed.nbh
https://softwarerepo.blob.core.windows.net/softwarerepo/80c33a50-3c4b-448b-9981-e5cd74d32236/RUU_signed.nbh
mainos partition is decrypted on-device during flashing (device model specific encryption).
the same also works for other variants of the htc one w8 like verizon and at&t.
would be cool if someone could post those rom url's too.
there is no tool to decrypt the mainos partition sadly but i hope someone skilled creates it.
Will it be possible to flash the T-mobile RUU on a Verizon phone? I need to get rid of the lock on the 4G channels on the verizon version.
in theory, modelid check on device will make it fail.
HD2Owner said:
in theory, modelid check on device will make it fail.
Click to expand...
Click to collapse
Any way to change model id with regestry hack? Maybe the same hack that allowed non-Lumia devices to install wp 10 technical preview?
that is not the same. it would have no effect in this case.
modelID is checked by bootloader before flashing. it aborts at 1% with error.
what you want is a signaturecheck/mid/cid unlocked bootloader. and you're not alone.
even if you reverse-engineer the bootloader and patch it, you need a way to get it on the device.
both things are incredibly difficult with wp8 nowadays because of the security measurements.
the previous work i did on wm/wp7 custom roms is not possible for wp8 until that happens.
The recovery tool does not work with the Verizon version of this phone (at least when i tested it the day the build came out). I had to use the leaked rom to flash back to Windows 8.1 on my Verizon Windows M8
I do have the Verizon .nbh's lying somewhere, will look for it when I get home