Dumped h4150 italian rom.... :D [long]

From: Eddi <h4100_at_dpeddi.com>
Date: Wed, 7 Apr 2004 03:06:19 +0200

Tool used:
Windows xp ( :°°°-( ) + Mtty / Linux + Minicom
Internal Bootloader
Secure Digital 128mb (the card is used so I had some garbage after the rom
dump)
Windows + Winhex as suggested by VSergey. (I should use Windows since
Linux doesn't have an SD driver)
Dumprom.exe (from xdatools)

This bat:
md files
dumprom -4 sd-dump.bin -d files >list.txt

The h4150 HTC platform is also identified as hb25(i) (as it appears in the bootloader).
All OEM drivers contain a string with the path of the .pbd file used by the Microsoft
SDK(??).
Total Commander find with Unicode enabled:

Perhaps in these files we can find how to initialize the ASIC
battdrvr.dll --> Battery driver
Frontlight.dll --> Backlight related
Jacket.dll --> It controls the battery level and makes WinCE enter suspend mode
pcmcia.dll --> We have a pcmcia socket? Is this dll customized for our hardware? uhmmm, my suspicion seems to be right!
sa_usb_ser.dll --> USB function driver for SA1100 CPU-native peripheral, exposes serial interface
SDBusDriver.dll --> MMC/SD/SDIO related - http://www.bsquare.com/products/sdionow/default.asp - look at the pdf...
SDMemory.dll --> MMC/SD related - http://www.bsquare.com/products/sdionow/faq.asp - is dated 2002 - perhaps very similar to h19xx, since bsquare doesn't seem to support WinCE 4.2 yet
serial32.dll --> serial driver, perhaps has the detection routine that Linux doesn't have yet
tiacxwln.dll --> tnetw1100 driver.. has HTC related functions for power management
wavedev.dll --> Audio driver
ddi.dll --> Display driver
gwes.exe --> loads and initializes input device drivers such as the keyboard driver and the touch driver. I don't know why it is customized by HP.
keybddr.dll --> keyboard driver
nk.exe --> Windows CE kernel for ARM!! ASIC3 initialization, hardware initialization.
touch.dll --> Touchscreen driver
TrueFFS.dll --> TrueFFS? msystem? it should be the driver for the ipaq file store inside DOC?

Backlight.cpl
FStorage.cpl
Powerg.cpl
SelfTest.cpl
SystemInfo.cpl
Tone.cpl
Backlight.exe
hpimgview.exe
LEAP.exe
PowerExe.exe
default.fdf

All these files have the company marker "High Tech Computer".
Now I understand why Jamie can't get specifications on this PDA:
h4xxx seems to be made by HTC and only branded HP. HP has the exclusive right to
brand this.
So, only www.htc.com.tw should have all the specifications of its HTC ASIC3 and
all connections.

These files are simply interesting so I note them down...
ACX100_dl.bin --> tnetw1100b firmware?
maxim_radio_dl.bin --> TI6100 bluetooth transceiver?
TIPostInit.hcs --> TI BRF6100 initialization for firmware v3.16? May HP have forgotten this file?
TIRadioInit.dll --> Contains the same strings indicated in TIPostInit.hcs

--------------------------------------------------------------------------------
pcmcia.dll -- strings found:
Failed to recover EEPROM!!! ---> eeprom? serial eeprom 24cxx found in the layout may be used by wifi?
Texas_Instruments-ACX100-EE1D --> bingo... pcmcia is connected to TNETW1100. It seems we have no other references to other devices
nk.exe -- strings found:
OEMInit
CleanBoot
InitClock
1.00.12 ITA
Version: M-SYSTEM
Flash: Hummingbird
HTC Platform: OEMInitin: ASIC3 Initial
+OEMInit
InterruptDisable: unknown interrupt requested.
InterruptDone: unknown interrupt requested.
PlatformInit:Battery door open
PlatformInit() -COLD_BOOT...warm boot
PlatformInit() - VERY_COLD_BOOT... cold boot
Reset RC status for Audio drivers
InitDebugSerial using SUPERIO Serial --> INTERESTING If we find how to enter
into wince debug mode, we could see a lot of information
[...]
iPAQ h4150 1.00.12 ITA ---> not good... h4350 may need more initialization
(Perhaps additional asic initialization to support keyboard)
Parallel PortInitialize with HTC PPSH --> we have a parallel port? maybe it is internally routed but where? why?
ciao
Eddi
Received on Wed Apr 07 2004 - 06:51:13 EDT
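
Added example, not part of the original post: a Python script for the kind of string search the message describes, covering both plain ASCII strings (like those quoted from nk.exe and pcmcia.dll) and UTF-16LE strings (why the find needed "unicode enabled" to see the "High Tech Computer" marker). The function names and the sample bytes are constructed for illustration and are not taken from the real ROM.

```python
import re

MIN_LEN = 4  # ignore runs shorter than this, as the classic strings tool does


def extract_strings(data, min_len=MIN_LEN):
    """Return sorted (offset, encoding, text) for printable runs in data."""
    # Printable ASCII run, and the same characters stored as UTF-16LE
    # (every character byte followed by 0x00).
    ascii_re = re.compile(rb"[\x20-\x7e]{%d,}" % min_len)
    utf16_re = re.compile(rb"(?:[\x20-\x7e]\x00){%d,}" % min_len)
    found = [(m.start(), "ascii", m.group().decode("ascii"))
             for m in ascii_re.finditer(data)]
    found += [(m.start(), "utf-16le", m.group().decode("utf-16-le"))
              for m in utf16_re.finditer(data)]
    return sorted(found)


def find_markers(data, markers):
    """Map each marker to the (offset, encoding) of strings containing it."""
    hits = {marker: [] for marker in markers}
    for offset, encoding, text in extract_strings(data):
        for marker in markers:
            if marker in text:
                hits[marker].append((offset, encoding))
    return hits


# Constructed sample standing in for one extracted file: binary junk around
# two ASCII strings and a UTF-16LE company marker. Not real ROM contents.
SAMPLE = (b"MZ\x90\x00\x03\x00" + b"\xff\xfe\x01\x02"
          + b"OEMInit\x00" + b"\x07\x1b\x80"
          + "CompanyName".encode("utf-16-le") + b"\x00\x00"
          + "High Tech Computer".encode("utf-16-le") + b"\x00\x00"
          + b"\x9c\x00\x10"
          + b"Texas_Instruments-ACX100-EE1D\x00")

if __name__ == "__main__":
    for offset, encoding, text in extract_strings(SAMPLE):
        print(f"0x{offset:04x}  {encoding:<8}  {text}")
    # A byte-for-byte ASCII search misses the UTF-16LE marker entirely.
    print("raw ASCII search finds marker:", b"High Tech Computer" in SAMPLE)
    print(find_markers(SAMPLE, ["High Tech Computer", "ACX100", "OEMInit"]))
```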

This archive was generated by hypermail 2.2.0 : Mon Jul 25 2005 - 18:29:19 EDT