Related
Hallo,
I'm new in the forum, i was advised to register here in order to try and find solution to a problem my ks20 has after flashing a rom.
I tried today for the first time to flash a rom in my new ks20(i bought it yesterday used with cooked rom on), i followed this guide http://forum.xda-developers.com/showthread.php?t=369481.
When my phone tried to open, after flashing, this message came up "illegal use unavailable OTP Block".So i flashed another rom in order for the phone to open. With the new rom it opened but it had lost IMEI number and cannot connect with any phone network.
I have made a nv backup with LGMDP but when i try to use LGMDP to restore it i have the same message as before "illegal use unavailable OTP Block" when the phone turns on.
I tried with different roms branded and unbranded. I also tried this http://www.myphone.gr/forum/showthread.php?t=181820&page=360
I dont know what went wrong, nv backup procedure was complete, why do you think that nv backup is not good? I am ready to through the phone away
Maybe you can provide me a solution or another nv backup with my imei ( as i read somewhere in here) if the one i have made is not good.
Thanks , waiting for your help.
LGMDP_EURO that i used to change the rom created two folders: one is called NvBackup and the other folder is named with my imei number, i used both .nv2 files that are included is these folders but every time the result after restoring was the message "illegal use unavailable OTP Block".
I don't know what to do!
Please if anybody has a clue
what rom did you last install?
Was it the branded or unbranded version?
The last rom was Greece Vodafone 10g it is branded.
The problem when i tried to install a cooked rom which i think it awas also branded.
My phone is vodafone branded
did you restore your nv2 in emergency mode?
no i installed a new rom (so that the phone could turn on ok even with wrong imei) and i tried to restore with the phone turned on
shut down your phone, start emercency mode(press : "Send" "Browser" "Power") a green led will shine on your mobile and connect it, and try to restore your back up nv2
how can i do that from emergency mode? i don't have "nv Default" option, also there is no "reset database & contents"
if you have msn send me your email adres in a private message.
Unfortunatelly i dont have msn but i have facebook account.If you have one we can talk from there
sure is the same
I have sent you my account by pm
rickou26 saved the day.
Thank you very much
pagia said:
rickou26 saved the day.
Thank you very much
Click to expand...
Click to collapse
Hi pagia,
I have completely the same story as you.
Could you please share how did you solve it ?
Thanx
Switchke said:
if you have msn send me your email adres in a private message.
Click to expand...
Click to collapse
Hi Switchke,
I completely have the same story as pagia, could you please help me ?
I do not have msn but a pm could I send my pm ?
Thank you in advance.
zezika said:
Hi pagia,
I have completely the same story as you.
Could you please share how did you solve it ?
Thanx
Click to expand...
Click to collapse
Did you solve your problem?
If not give rickou26 your imei number and ask him to make you a backup nv2 file.
use the program MTTY because it's only USB or has unlock without backup (like me) and has still bluetooth activated car solve the imei and bd address problem with that (should be works with usb cable also) :
1) get the phone recognized by windows and activate modem serial port interface
bluetooth perifs-> properties -> services -> check the 2 boxs
3) start -> programs -> accesories -> communication -> hyperterminal ->
set a name and modem port (should be found in step 1)
'call' (yellow phone)
4) type "AT" (without quotes) should see "OK"
5) type ATZ (activate echo)
6) AT%IDDE to unlock
7) AT%IMEI=X,X,X,X, ....
(15 chars) replace X by IMEI code or what you want
8) AT%BTAD=X,X,x,x,x,x ...
(12 chars from 0x0 ->0xF) same for bluetooth address, warning : the digits are in little endian (inversed)
9) switch off and on and the bluetooth should work again without asking for BD address
this method has worked for a KU380 only by bluetooth without install third party program to backup or repair and should works for other phones
help this dummy out ...
i met with the similar issue....
flashed my ks20 to upgrade to win 6.1
lost IMEI, bluetooth ID,...
QPST recognises the fone in 'download mode'...
so what can i do to recover my fone?
hi
hi all, i have just the same problem with ks20. I dont have imei and i do not backup the nv files. My phone is just a pda, no signal. On the back of the phone my imei is 357323-01-085909-3. Please help me, i have email [email protected]
I hope someone can help me. I tried almost everything. My wave just won't boot normally. It all started when I tried to downgrade from Bada 2.0 (S8500XPKH3) to 1.2 (S8500XXJL2) and got a security port error while flashing (used Multiloader 5.65). My wave wouldn't boot up so I got someone to repair it with JTAG. Good thing it was revived. It can now go to download mode, however, i tried flashing almost all firmware versions (Bada 1.0, 1.2, 2.0) in different regions from samfirmware but to no avail.
I browsed through the forums hoping I can get an answer but I didn't see any similar case. I'm sure I'm doing the flashing right 'coz I get "All files complete." when flashing is done. Only that, every firmware that I try, it just stays in the logo screen when it starts up.
I'm looking forward for any response.
Best regards.
I guessed you have done all well. But still try this process:
1. Download a fresh, full and original firmware for your region from samMobile.com
(The firmware version does not matter, but it has to be full and for your region).
2. Make sure your battery is fully charged
3. Remove SIM and memory card from phone.
4. Ensure that all kies drivers are successfully installed.
5. Use multiLoader v5.65
6. Cross-check that your USB plug is not damaged (if possible use another one)
7. When flashing, make sure you tick the FULL DOWNLOAD option in multiLoader.
Try the above and report back. Best of luck.
yeah you should tick boot change and full download for a complete fresh installation
Good thing it was revived
Click to expand...
Click to collapse
Depend on how it was repaired via JTAG...
Maybe NV items are overwritten... this could be bad.
It is not the best idea to use Fullflash from others...
I have RIFF Box experiences...
Best Regards
P.S.:
Try to flash some Rsrc2_S8500(Mid).rc2
Maybe Bluescreen tell you what is missing...
adfree said:
Depend on how it was repaired via JTAG...
Maybe NV items are overwritten... this could be bad.
It is not the best idea to use Fullflash from others...
I have RIFF Box experiences...
Best Regards
P.S.:
Try to flash some Rsrc2_S8500(Mid).rc2
Maybe Bluescreen tell you what is missing...
Click to expand...
Click to collapse
Thanks for the tips guys. I tried the routine checking. I've also tried different a different pc. Same thing.
I'm more inclined to this adfree. NV items might be corrupted. I just know the basics of flashing.I tried several Rsrc2_s8500 (Mid) and yes I got a blue screen with details. I don't know how to interpret it myself but I remember there was IMEI not active. Will post the details later. Hope you or someone can share your thoughts.
Best regards.
I tried S8500XPKH3 again with Rsrc2_S8500(Mid).rc2 and I got this from Multiloader 5.65:
Download Start Ch[0]
BootLoader 1703.9KB OK[0.7s]
Dbl 281.5KB OK[0.8s]
Wait reset !!
Amss 12740.3KB OK[5.0s]
Apps 26214.4KB OK[12.3s]
Rsrc1 37748.7KB OK[14.4s]
Rsrc2 2884.3KB OK[1.3s]
FFS 49217.5KB OK[111.8s]
CSC 36085.8KB OK[106.0s]
SHPAPP 203259.9KB OK[368.3s]
All files complete[638.0s]
Phone reboots and comes up with blue screen:
S/W version: S8500+XP+KH3
Modem: Q6270B-KPRBL-1.5.45t
SHP: VPP R5 2.1.1
Build Host: S1-AGENT08
Build At: 2011/08/16 20:56:16
Aoo Debug Level: 0
ASSERTION_ASSERT: 0 failed. (file SysSecureBoot.c, line 4193) BoAn4193
<Call stack information>
PC = 4000C8D3 OemDumpRegister
LR = 4000C8D7 OemDumpRegister
<Mocha Task Call stack>
_SysAssertReport
__SysSecBootReadNetLockInfoFromFile
ALL HW Information:
HW VERSION: S8500_rev07
IMEI VERSION: Not Active
RF CAL DATE: Not Active
Bad Block Information:
nNumBMPs: 0
nAge: 0
Run Time Bad Block Occurred:
Init BMPs - 2, Current BMPs = 0
Nucleus Task Information:
Running Task name - Mocha Slices = 0000001E Wait = 00000000
Signal = 00000000 Priority = 0
I've been working on this for a week now but no matter what firmware I flash, i can't get my wave to boot normally
Try qualcomm tools to activate imei
ask Adfree or use google to find the qualcomm tools program and then make your imei active using your pc.
what region was your 8500 originally?
remember that different region firmware use different boot files.
Try to use the boot files that was on your wave originally.
For some reason, it's showing "IMEI not active" when I get the blue screen after flashing with Rsrc2_S8500(Mid).rc2.
I read adfree's qualcomm tools guide and it was more on editing the product code. And, i can't access the configuration mode/hidden menu since I can't boot the phone normally.
IMEI is NV item 550 and ...
But it is secured by...
I have never tried on S8500...
Lost IMEI is enough evidence, that NV items are corrupt/missing/damaged...
I'll try to analyze your Error message...
.. will report later.
Best Regards
Edit 1...
SysSecureBoot
SysSecBootReadNetLockInfoFromFile
Click to expand...
Click to collapse
Maybe also Netlock? So maybe without IMEI Security check failes...
I think the guy who tried to resurrect my phone was using JTAG Medusa. Is there any possibility something went wrong during the process? I was just happy that the phone can go on download mode but didn't expect that whichever firmware I try, phone is just stuck on logo.
With regard to the IMEI, should i recover it, will it have a good chance to fix the problem? Can i use qualcomm tools even if the phone can only run on download mode?
if use medusa make this erase full flash after that write full from support stop writ flash in 6% in flash procedure after this flash full flash all files with boot after this pach wit z3x pachv2.Repair imei and al by ok
tested with s8500 whoo come in donload mode with 3 butons vol - lock and power
in first when try flash bada 1.0 soft after ffs write in screen see missing fota 2.0 please instal instal bada 1.2 after this
@OP:
Your SysSec data, which is closely related to NvData, has been damaged, probably by JTAG ovewrite. These data are encrypted by device-unique key.
It is possible to repair it without JTAG, through modified FOTA. But I don't think I'm the one to try this. Last time I played with that data I damaged my BL3. :\
Thanks for those who provided their insights. I kind of gave up last week and had to bring my phone to the service center. Fortunately or not, the tech had to replace the motherboard which cost around 170 USD including the "repair fee". My phone's back with a new motherboard and ready for some risky flashing again. Hehe.
Anyway, thanks again guys. Good day to y'all!
full erase flash only 6% from full after thath full flash with orginal flasher now read wit rj45 cable with z3x nvm from phone in 550 string see if imei is 359321654 need write 8a31391256 and write in phone now imei ok or select in z3x i 5500 put orginal imei and sn repair all come good and working
after all ok read full again from phone search s8500 and see you detail if need edit as your orginal string
ЄЇ~GT-S8500............їµ±№....................................TMU.....2010-06-01....АМАз±Х..................S8500BOJE7_TMOJE7...564C......9750......86210000114318......KAC007021M(S8500)...-
During my plays with RIFF JTAG and few stupid experiments with full erase I'm now facing same problem...
Strange, but this happens with my own JTAG dump...
Will see how long I need to repair this...
Best Regards
It seems no good idea to be. To erase whole NAND via JTAG...
Anyway... long time and luck... I was able to bypass Boot Cycle and then to Restore NV items via QPST...
Maybe 1 part of solution is, to use Firmware BOJE7 with Bootloader XXJEE...
Then maybe your handset start...
Now you can access menu to change to Qualcomm Diag Port for restoring NV items...
Best Regards
Hi there,
I'm facing with a strange problem with Galaxy Gio (formerly branded TIM [Italy], now it's no brand/sim unlocked). Any SIM I've tried, it takes no signal - so I can't make phone calls - but I can connect to data network!! (obviously, these SIMs works properly on other phones).
It's been a while that I'm finding solutions on this board - and on others. I've changed many ROMs, both Stock and Custom (I've tried Russian, Portuguese, Polish, Italian and German stock ROMs in order to try different basebands)
Recently, I'm trying to see some settings on "Service Mode" hidden menu (code *#197328640#). I've seen in "Debug Screen" - "MM Information" that rej_cause is 0x6. According to this site http://www.biss.bloger.hr/post/mm-rejection-cause-description-1/6596587.aspx, it means
Cause value = 6 Illegal ME
This cause is sent to the MS if the ME used is not acceptable to the network, e.g. blacklisted. When used by an MM procedure, this cause does not affect operation of the GPRS service.
Click to expand...
Click to collapse
It's very strange because every SIM that I've tried works like a charm on any other phone.
Must I change any settings in Service Mode?
Thanks in advance.
Check your imei. If it doesn't match what is under your battery or is like 000004900016000 you have lost your imei.
Sent from my GT-I9000 using xda premium
Manugal said:
Hi there,
I'm facing with a strange problem with Galaxy Gio (formerly branded TIM [Italy], now it's no brand/sim unlocked). Any SIM I've tried, it takes no signal - so I can't make phone calls - but I can connect to data network!! (obviously, these SIMs works properly on other phones).
It's been a while that I'm finding solutions on this board - and on others. I've changed many ROMs, both Stock and Custom (I've tried Russian, Portuguese, Polish, Italian and German stock ROMs in order to try different basebands)
Recently, I'm trying to see some settings on "Service Mode" hidden menu (code *#197328640#). I've seen in "Debug Screen" - "MM Information" that rej_cause is 0x6. According to this site http://www.biss.bloger.hr/post/mm-rejection-cause-description-1/6596587.aspx, it means
It's very strange because every SIM that I've tried works like a charm on any other phone.
Must I change any settings in Service Mode?
Thanks in advance.
Click to expand...
Click to collapse
If you have no signal it means the unlock failed.(that's everything I know )
Sent From My Galaxy Gio Using XDA Premium
I've checked my IMEI number on "Numbering Plans" website and it seems to be correct (also on "AMTA" website it reports me that it's unblocked). Furthermore, it matches to what is under my battery.
If I digit *#7465625# it returns me all settings to OFF.
I think you lost your /efs while unlocking, wich means theres a critical file gone, and now you have no signal anymore
Sent from my GT-S5660 using xda premium
I didn't unlock this phone, I've got it already unlocked by a friend of mine.
Probably, as you say, I've lost /efs partition. How can I recover EFS data?
Manugal said:
I didn't unlock this phone, I've got it already unlocked by a friend of mine.
Probably, as you say, I've lost /efs partition. How can I recover EFS data?
Click to expand...
Click to collapse
Code:
Why the /efs folder?
This is a very sensitive system folder that contains Phone-specific information such as the IMEI (encrypted in the nv_data.bin), wireless devices MAC addresses, product code (also in the nv_data.bin), and much more. Often users trying to change product codes or trying to unlock the mobile will end up corrupting data in this location.
are you sure your IMEI is correct?
losing or corrupting EFS should also give a wrong IMEI like 00000 or something
I'm sure of it, indeed when in dialer I digit *#06#, it returns me the same IMEI number that I have under the battery (and it's not 00000 or something).
Is there any method to recover EFS data?
Manugal said:
I'm sure of it, indeed when in dialer I digit *#06#, it returns me the same IMEI number that I have under the battery (and it's not 00000 or something).
Is there any method to recover EFS data?
Click to expand...
Click to collapse
only if you backit it up
are you currently on stock rom?
root acces?
Yes I'm on a stock ROM with root access.
I've tried to mount EFS partition, as described in http://www.criten.org/2011/11/root-unlock-the-samsung-galaxy-gio-gt-5660v/, only to see what's inside it.
Partition was mounted correctly and I've tried to view perso.txt file but, as I'm expected, it contains all zeros end on.
then you're problably unlucky, you can't restore EFS if its not backed up
voetbalremco said:
then you're problably unlucky, you can't restore EFS if its not backed up
Click to expand...
Click to collapse
From what I see, efs partition exists on my phone, but it's not mounted at boot (that's why before I have to mount it manually with mount –o nosuid,ro,nodev –t vfat /dev/block/stl5 /efs ) . I don't know if it's corrupted, is there any way to check it?
Ok I've seen that nv_data.bin is missing under /efs partition. I suppose that's impossible recover it or re-create it. :crying:
I Dont think you can use mine for example...
Sent from my GT-S5660 using xda premium
My senstion doesn't have a /efs folder either. That explains a lot!
Sent from my jelly bean
Manugal said:
Ok I've seen that nv_data.bin is missing under /efs partition. I suppose that's impossible recover it or re-create it. :crying:
Click to expand...
Click to collapse
Did you mount the stl5 to reveal the nv_data.bin?
There is a fix for recovering efs folder for Galaxy i5500 (even there is no backup) which is having the same CPU architecture as the Galaxy Gio.
http://forum.xda-developers.com/showpost.php?p=15408191&postcount=4
I have had the same problem.
It seems that when in usb diagnostic mode there is no network signal.
type *#7284# or *#9090# and choose UART DIAG mode again after unlock. Works 100%! Tested by me just now!
:good:
Thank you for the read-visit.
I recently bought a second hand Tmobile Samsung SGH-T889 Galaxy Note II. Unfortunately,
I inherited a host of issues. The IMEI is corrupted. In this thread, I'm hoping to figure
out why I can't successfully write to the device. I will list everything that I've tried so far,
and to be honest, I really don't know what I can try next. Share your input please!
SGH-T889
Build Version: M9615ACEHWMAZD17513035
Version Dir ;: ACEFWMAZ
Firmware: T889UVALK8:_(4.1.1) (12/19/12) [FACTORY IMAGE]
Preface:
I read in a few other threads where people were having issues with the 4.1.2 firmware, so
I elected to downgrade to the 4.1.1 using a factory image by flashing using Odin 3.0.7.
I then used "Galaxy Note2 Toolkit" to flash root of the device while also including clockworkmod
recovery and busybox.
First Method:
After downloading and installing the Android Terminal Emulator, I tried to enter
the following code to write to the device:
su
echo 'AT +EGMR=1,7,"IMEI_1"'> /dev/pttycmd1
The device accepted the commands, but the write never occurred.
On the web, this solution is everywhere; however, I think that the
solution is specifically for MTK phones. In fact, the output command
"pttycmd1" isn't in the /dev directory or anywhere within the root file structure.
Second Method:
Accessing the hidden menu on the phone by entering *#7284#, I modified
the Qualcomm USB settings to allow for a serial USB connection.
I then used the "Qualcomm NV Tools," included in the fourth tab of EFS Professional
development software, to restore the backup IMEI to the device at the memory block located
at decimal address 550. The device accepted the command and I received
no indication of error, but the device was again not overwritten.
Third Method:
I installed RootExplorer application and used this tool to access the root directory and made
a copy of the EFS folder where I assumed the IMEI is stored. I then deleted the folder allowing
the system to recreate the EFS Folder after a reboot and a factory reset. I repeated the
previous methods, but I wasn't able to make a difference. Consequently, I restored my EFS folder.
Fourth Method:
I tried messing around with permissions allowing for read/write for the "efs" and "factory" folders
within the root file structure. Notwithstanding, I also expanded my read/write changes to the /dev/block folder focusing in particular on /dev/block/mmcblk0p3. (I read in another thread that the IMEI was stored in this block
/dev/block/mmcblk0p3.) Changing ownership of the files "owner" and "group" to root, I then tried writing to the device again using the previous methods mentioned, as well as fiddling around with another software called
"NV-items reader_writer v1.0," but all these approaches failed too.
Just as an added comment, I think that file manager such as Root Explorer re-mounts a read only root file
structure as a floating read/write. Therefore, while I think that I'm making changes to permissions -- I am, because I can see the change occur -- this change is actually temporary until the device is rebooted.
General Comments:
I suspect the GSM US variant of the Galaxy Note II is different, because I can't explain
why the device will not update the IMEI even with superuser rights. Along the way, I tried to
do a factory reset as well, but remember this approach made little difference since the device
was near factory settings from the onset since I just downgraded to 4.1.1.
Questions
Am I missing another method? please point me in the correct direction -- I'm stumped.
I value and appreciate any input in advance that you could lend.
when you first bought the phone and put in your t-mobile S I M card in it..
what happened .
are you sure its not a blocked imei phone.
this seems to be going around...
are you trying to use it on t- mobile ..
please post the original issue not just want you done to try and fix it..
Thank you for the reply.
This problem stinks.
I don't have a tmobile sim card. The phone is for Tmobile and I hope to use the phone on T-mobile's MVNO (mobile network virtual operator) SimpleMobile, a carrier that piggybacks on the Tmobile carrier. I have Simplemobile SIM card, which the device does not recognize. The network in the "About Phone" in Settings is listed as Unknown. I think that the phone is locked, but I thought that this issue is exclusive of my present dilemma.
So, what is preventing me from writing an update to the device? There are a couple of good Qulalcomm
tools on the market like DFS CDMA ver. 4.7.0.2 and Qualcomm NV Tools, but both of which
fail to restore the IMEI. Is this a CDMA vs GSM tool interface issue?
Where is the IMEI stored on the device? My efs/imei folder only has one file: "mps_code.dat"
(I guess NV_DATA.BIN file is not present for LTE users.)
Thanks again, in any case.
If I were you, I'd try writing the T889 NV backup from the AWS mod thread with QPST or QXDM. Then finish off with the IMEI using EFS Professional.
As you've noticed, no NV_DATA.BIN for our devices. The /efs partition isn't enough of a backup to fix things.
Information applicable to the N7100 is going to be useless here since it has an Intel baseband, as opposed to the LTE variants which run on a Qualcomm chip.
Darkshado said:
If I were you, I'd try writing the T889 NV backup from the AWS mod thread with QPST or QXDM. Then finish off with the IMEI using EFS Professional.
As you've noticed, no NV_DATA.BIN for our devices. The /efs partition isn't enough of a backup to fix things.
Information applicable to the N7100 is going to be useless here since it has an Intel baseband, as opposed to the LTE variants which run on a Qualcomm chip.
Click to expand...
Click to collapse
Thank you Dark Shado[w].
Fifth Method:
I used QPST configuration to establish a serial connection. Using one of the software's client applications called
QPST Software Download, I made a backup of NV Memory Files and then used a hex editor
to locate the IMEI number (offset 00001700 --fyi) and made the repair. However, when I attempted to restore the
file using QPST Software Download, the software failed to update the device. Take note that the software indicated the memory restore worked. However, again, I'm not sure what is preventing me from writing to the device.
Every editor or tool that I have used to interface with the device successfully reads the device but does not write.
In the Qualcomm USB Settings, I have chosen either "RNDIS + DM + Modem" or "DM + MODEM + ADB" settings.
I also try to make sure that "USB Debugging" is checked in "Developer options" in Settings. (This
setting appears to toggle depending on which USB serial setting is chosen.)
I began messing around again with EFS Professional. The problem with this approach is that the backup file is stored in the form of an image file. Unfortunately, I can't edit the image to repair the IMEI with a hex editor.
Previously the backup file was in the form of a bin or text format making the process of editing easy.
I also confirmed indeed that the address location of the efs folder including the IMEI is recorded in /dev/block/mmcblk0p3 for Galaxy Note II LTE variants.
Any other ideas? Is there any other toolkits that might be easier to work with?
Hey since you already odin 4.1.1 go ahead and unlock your phone using the free unlock method. Than try using your simple mobile sim again.
G7Baker said:
Hey since you already odin 4.1.1 go ahead and unlock your phone using the free unlock method. Than try using your simple mobile sim again.
Click to expand...
Click to collapse
Hi G7Baker. Thank you for the reply.
I was not able to unlock the device using the *#197328640# approach.
The device is missing the "Press [4] NW LOCK NV DATA INITIALLIZ"
I read elsewhere that I needed to downgrade the device to 4.1.1 and this option
would reappear in the menu settings. Specifically, if I downgraded the modem from
4.1.2 to 4.1.1, this option would again appear. In my case, the option is still missing.
I figured that I would just focus on my corrupt IMEI before addressing the locking issue...but if you any ideas,
i am open.
I'll be blunt: you haven't listened to anything I've said.
Use the .qcn file from the AWS mod thread. Not yours hex-edited to contain your IMEI. You NV items are already messed up.
Toggling USB Debugging might undo the "RNDIS + DM + Modem" setting.
Use EFS Professional to type in (not copy-paste, it's a quirk in the UI) your IMEI, then write it. Make sure you've got the latest version, and that you're using the Qualcomm tools. Or hex-edit the file from the AWS mod thread since you're capable of doing so.
Ditch this "toolkit" mindset and get their actual components, latest versions, straight from the devs. You'll be able to check for issues in their respective threads as well.
Good luck,
Darkshado
Darkshado said:
I'll be blunt: you haven't listened to anything I've said.
Use the .qcn file from the AWS mod thread. Not yours hex-edited to contain your IMEI. You NV items are already messed up.
Toggling USB Debugging might undo the "RNDIS + DM + Modem" setting.
Use EFS Professional to type in (not copy-paste, it's a quirk in the UI) your IMEI, then write it. Make sure you've got the latest version, and that you're using the Qualcomm tools. Or hex-edit the file from the AWS mod thread since you're capable of doing so.
Ditch this "toolkit" mindset and get their actual components, latest versions, straight from the devs. You'll be able to check for issues in their respective threads as well.
Good luck,
Darkshado
Click to expand...
Click to collapse
Thank you Darkshado[w] for the advise.
Game plan
qcn generic file (binary format) --> modify imei in qcn generic file --> EFS Professional-Qualcomm (fourth tab) to apply Restore
Darkshado[w], I'm looking at the EFS Professional -- Qualcomm tab (fourth tab). Just to be clear, this tab has a
"Qualcomm NV Tools" button, to which I don't proceed. This tab has also a set of "NV Backup" and "NV Restore" functions. These functions are supported for US variants only. (The T-mobile T889 has a Qualcomm chipset Gobi MDM9215, making the device eligible, right? or I guess these tools are meant only for Sprint and Verizon variants only) These tools, I believe, are where you would like me to use to make my restoration possible.
Just to be clear, this Restore/Backup receives a binary file, opposed to "Qualcomm NV Tools" that receive a text file.
However, when I click on "NV Backup" or "NV Restore," the phone immediately reboots.
On the same page the following disclaimer is written "If these functions are not supported your phone will just reboot." My device rebooted and I can't use this approach for the moment.
---
I was searching the AWS thread to which you alluded.
On December 28, 2012, I saw that you posted a full NV backup, IMEI removed, at the following thread:
http://50.23.216.69/showthread.php?t=2068041&page=2
I downloaded your attachment and modified the TEXT file to include my repaired IMEI for the T889 and then used
EFS Profressional via "Qualcomm NV Tools" to restore to my device.
I made sure that the device was set for a USB serial connection,
since "Qualcomm NV Tools" would not make the SPC connection otherwise.
The restore procedure completed without any errors, but the device was not successfully written to...again.
---
I also downloaded the ATT_I317_AWSMOD_dumimei.qcn file from the thread. Using QPST via their client application "Software Download" I attempted to make the restoration.
I attempted the restoration twice using "RNDIS + DM + Modem" and "DM + Modem + ADB" settings. In the phone utility menu, UART was always set to "PDA" and USB was set to "PDA" as well. In both cases, the device was not written. The software indicated that the restoration was successful when in fact this case was untrue.
--
On the EFS Professional version2.0.062, I was able to generate backup files using the backup option located on the second tab.
For this backup option, I selected "International LTE Variants" for the "Device Filter." The software
generated one tar.gz file; however, when extracted, a efs.img file and four other bin files are revealed. Unfortunately, the image file of efs contains my corrupted IMEI, which I'm not sure how to edit. I tried to use Hex Workshop Hex Editor to edit the file but can't find the IMEI in this type of file. Alternatively,
is there a generic backup tar.gz of SGH-T889 that I can try to restore?
--
What are your thoughts? Please advise.
garbageslot said:
Hi G7Baker. Thank you for the reply.
I was not able to unlock the device using the #197328640# approach.
The device is missing the "Press [4] NW LOCK NV DATA INITIALLIZ"
I read elsewhere that I needed to downgrade the device to 4.1.1 and this option
would reappear in the menu settings. Specifically, if I downgraded the modem from
4.1.2 to 4.1.1, this option would again appear. In my case, the option is still missing.
I figured that I would just focus on my corrupt IMEI before addressing the locking issue...but if you any ideas,
i am open.
Click to expand...
Click to collapse
I later downgraded the firmware from T889UVALK8 to T889UVALJ1 of 4.1.1. The NW LOCK NV DATA INITIALLIZ
finally appeared and was able to unlock the device successfully. Awesome!
However, I'm still trying to figure why my NV Memory Block refuses to be written. Please share your input!
No solution ... yet.
I tried deleting the efs folder and then I went back through all the methods that I have discussed
really to determine if and when the device was being written. Trying to restore the efs folder from a backup
copy, my findings seem conclusive.
I found that the ONLY solution that replaced my efs folders was EFS Professional--Restore (third tab).
In my case, I'm just restoring my corrupt NV memory backup back onto the device, but this approach can
work for me. In all other methods that I employed, the device and software indicated that a successful update was
made but these cases are untrue; the device is not updated.
Where does this leave me? If I am going to flash my device using this restore feature of EFS Professional(third tab),
I need to flash a modified efs.img that is corrected for my corrupted imei.
Does anyone have a solution out there for the SGH-T889?
garbageslot said:
I later downgraded the firmware from T889UVALK8 to T889UVALJ1 of 4.1.1. The NW LOCK NV DATA INITIALLIZ
finally appeared and was able to unlock the device successfully. Awesome!
However, I'm still trying to figure why my NV Memory Block refuses to be written. Please share your input!
Click to expand...
Click to collapse
I learned today that someone claimed that this SGH-T889 device has a hardware security measure in place. The device has a chip that has the IMEI that is write/no-rewrite (eMMC?); therefore, successful service combines both a hardware and software approach. My "deep throat" operative also said that the IMEI for this particular device appears in five different places within the NV Memory block, making the repair not so trivial.
Can anyone confirm this statement? I can't find anywhere where this statement is validated.
I would have to call bulls..t on that, I lost my imei flashing a tmobile modem to get lte and was able to rewrite my imei and get it working. Took me 2 days and lots of messing around but finally worked.
http://forum.xda-developers.com/showthread.php?t=2068281
You can try this link has some valuable info and links.
rail205 said:
I would have to call bulls..t on that, I lost my imei flashing a tmobile modem to get lte and was able to rewrite my imei and get it working. Took me 2 days and lots of messing around but finally worked.
http://forum.xda-developers.com/showthread.php?t=2068281
You can try this link has some valuable info and links.
Click to expand...
Click to collapse
Thank you Rail205 for your reply. Reviewing the thread that you sent,
I'm still not sure how I should proceed.
I was comparing my device allocation using the df command on the android emulation terminal .
# df
My partition allocations are consistent with jravi and darkshado[w] on the first page of the thread,
so I'm wary if I flash with an updated PIT file that this approach will make a difference.
My device is reading the correct internal storage for example.
To reiterate, if the block allocations are the same, can I assume that using a new T889V pit file
on my device the T889 will make no difference?
Currently, my device is now unlocked, rooted with a 4.1.2 OS.
The device has radio service.
Unlike everyone else who has been successful e.g. Darkshado[w] who has successfully
written an editable hex file or text file (depending on the method employed), my
device remains unmodified when performing approaches of this kind.
The only method that appears to work for me is flashing an image file
using EFS Professional (third tab).
This dilemma is the chicken / egg conundrum, how do I flash the device with the corrected img file
when I don't have a copy of an img file with the corrected imei with which to flash? Otherwise, considering
a no-img file approach, I could try to make the partitions writable (fyi I have used Root Explorer already to modify
the permissions of /dev/block, /efs and /factory before attempting an update -- you guessed it, no luck.)
Anyone, any thoughts? Anyone?
Success!
Sixth Method
NOTE: Please also refer to "Six Method. Addendum" post #21 located later in this thread. Both posts are critical to understanding the complete solution.
Well, I decided to go to one of these guys who advertise on Craigslist to repair corrupt IMEI. He claimed that he was using one of these boxes that reads and writes without technically flashing the device.
I sat with him for a couple hours, and, in the end, he could not do it! My IMEI went from some corrupted output to reading simply "0/9." At that point, I had limited phone service and mobile data EDGE only. The device had trouble finding the DM mode as well. (He felt so bad that he couldn't take my money, but this moment was also a validation for me that my device had a very specific problem, not a trivial contest in the least, but an awesome validation that this last week's efforts were not in vain: If the 'expert' can't figure this out, then where would this leave me?)
An important note worth mentioning is that the Craigslist guy downgraded my android OS from 4.1.2 prior to making modifications. Unfortunately,
I did not note to which version and build he downgraded. (My guess: most likely a build variation of 4.1.1 OS)
Anyhow, so I returned home and decided to get to work and access the phone through the service mode with the intention of rebuilding the NV memory block.
*#197328640#
[1] UMTS
[6] Common
[6] NV REBUILD
[1] Load defaut NV
This approach changed my IMEI from "0/9" to "0/0." Now, when I tried connecting to the device, the software read the correct DM Mode. (Interestingly, I still received limited phone service.)
I used a program called "NV-items reader_writer v1.0." Of the many programs that I tried, this program is super simple since the software output is text based i.e. you don't need a hex editor. The download link is here.
http://modemfiles.blogspot.com/2013/09/download-free-nv-items-reader-writer.html
I extracted the memory block from decimal address 550 to 550 and modified the block to read my non-corrupted IMEI. (I didn't need
to change root permissions or anything complicated like that, steps I performed in some of my previous method-approaches.)
My device finally was written and read the correct IMEI!
Thank you to everyone who contributed. My success is your own!
UPDATE:
So, as I mentioned above that I was receiving EDGE only and the carrier service was spotty. In the end, I realized that my NV Build was corrupted, and since I was now able to write to the device, I corrected this problem by referencing Darkshado[w]'s post.
On December 28, 2012, I saw that he posted a full NV backup for the T889, IMEI removed, at the following thread:
http://50.23.216.69/showthread.php?t=2068041&page=2
UPDATE: XDA admins have invalided the hyperlink to Darkshado[w]'s original post. If you require the text file, private message me with your email
and I will send you the same template file that he had originally made available. (edited 7/18/2015)
Using "NV-items reader_writer v1.0," I wrote to my device using the file provided by Darkshado[w]. Again just to be clear, I restored the entire NV build and only changed the IMEI block, which is located at decimal address 550. Now, my device is finally getting reliable connectivity at 4G speeds (only 4G, opposed to LTE, since I'm using a MVNO instead of a direct Tmobile plan). Anyways awesome still!
I'm glad you fixed it man!..you went through Hell fixing your phone.
I ALWAYS read and follow these "bad IMEI" threads to learn something "just in case" and I must say that your case it's the most complex (for me anyways) I've ever read.
Cheers to you!
New link to file please
garbageslot said:
Success!
Sixth Method
Well, I decided to go to one of these guys who advertise on Craigslist to repair corrupt IMEI. He was using one of these boxes
that reads and writes without technically flashing the device.
I sat with him for a couple hours, and, in the end, he could not do it! My IMEI went from some corrupted output
to reading simply "0/9." I had limited phone service and mobile data EDGE only. The device had trouble finding the DM mode as well. (He felt so bad that he couldn't take my money, but this moment was also a validation for me that my device had a very specific problem, not a trivial contest in the least, but an awesome validation that this last week's efforts were not in vain: If the 'expert' can't figure this out, then where would this leave me?)
Anyhow, so I returned home and decided to get to work and put the phone into a service mode with the intention
of rebuilding the NV memory block.
*#197328640#
[1] UMTS
[6] Common
[6] NV REBUILD
[1] Load defaut NV
This approach changed my IMEI from 0/9 to 0/0. Now, when I tried connecting to the device,
the software read the correct DM Mode. (Interestingly, I still received limited phone service.)
I used a program called "NV-items reader_writer v1.0." Of the many programs that I tried, this program
is super simple since the software output is text based i.e. you don't need a hex editor. I extracted the memory block
from decimal address 550 to 550 and and modified the block to read my non-corrupted IMEI. (I didn't need
to change root permissions or anything complicated like that, steps I performed in some of my previous
method-approaches.)
My device finally was written and reads the correct IMEI!
The guy from Craigslist suspects -- mind you, he wasn't gregarious in the least-- he hinted that "the box"
was needed to break some kind of internal logical state between the device's IMEI and
T-mobile's network protocols. Once this state was broken, the device was receptive to being written.
Thank you to everyone who contributed. My success is your own!
UPDATE:
So, as I mentioned above that I was receiving EDGE only and the carrier service was spotty. In the end, I realized that my NV Build was corrupted, but since I was now able to write to the device, I corrected this problem by referencing Darkshado[w]'s post.
On December 28, 2012, I saw that he posted a full NV backup for the T889, IMEI removed, at the following thread:
Using "NV-items reader_writer v1.0," I wrote to my device with the corrected IMEI using the file from Darkshado[w] as a template (replacing decimal address 550). Now, my device is finally getting reliable connectivity and 4G speeds (only 4G, opposed to LTE, since I'm using a MVNO instead of a direct Tmobile plan). Anyways awesome still!
Click to expand...
Click to collapse
Hello! I'm facing the same issue with my T889, could you please re-post the file from darkshadow's post?
Thank you!
NV Backup Blank-IMEI Template File
walydiesel said:
Hello! I'm facing the same issue with my T889, could you please re-post the file from darkshadow's post?
Thank you!
Click to expand...
Click to collapse
Thank you WalyDiesel for the follow up.
The administrators of this site appear to have made the original link outdated since I started this thread..
Please internally message me your email and I will send you the NV Backup Blank-IMEI template file.
(The file exceeded the attachment limits for this thread.)
You still need to edit decimal address 00550
to your specific IMEI number. Upon doing so,
write the entire file to your T889 device.
Good luck! -- You are in the home stretch.
garbageslot said:
Thank you WalyDiesel for the follow up.
The administrators of this site appear to have made the original link outdated since I started this thread..
Please internally message me your email and I will send you the NV Backup Blank-IMEI template file.
(The file exceeded the attachment limits for this thread.)
You still need to edit decimal address 00550
to your specific IMEI number. Upon doing so,
write the entire file to your T889 device.
Good luck! -- You are in the home stretch.
Click to expand...
Click to collapse
Ok! I sent you my email inbox.
Thank you!
walydiesel said:
Ok! I sent you my email inbox.
Thank you!
Click to expand...
Click to collapse
I'm back!
Unfortunately, the past two days I tried, But I can't write back the file to phone using nv_reader_writer tool. I can't even read from phone. It keeps saying "Failed, phone does not answer".
I read on a thread that it could be because my chip is not Qualcomm. In fact my chip is Exynos. Is it the problem? Is there another tool that I could use? Thank you.
P.S: I'm running stock android 4.3. I also tried stock 4.1.2. Same result and Service mode just leads me to a black screen with Serviceode written on top.
GOOD MORNING GOOD AFTERNOON GOOD NIGHT
I NEED SOMEONE TO TAKE ME BACKUP OF MODEM
AFTER FLOATING XPOSED IN THE OREO
MY DEVICE GAVE LOOP AND BLOCKED THE FRP
SO I GOT FLASHEAR ROM WITH DC PHOENIX PQ MY FRP TAVA LOCKED
WHEN MY DEVICE WENT BACK I HAD TO RECORD THE THINGS VIA HCU
(IMEI, SN, PCB SN, COUTRY, VENDOR)
THIS SN PCB MAKES AN IDEA OF WHAT IT WAS
I'M NOT GETTING ANYWHERE ...
MY APPLIANCE HAS RETURNED JA PASSED VARIOUS ROMS BUT IT DOES NOT REGISTER NETWORK
IN TRUTH HE REGISTERS VERY RARELY AND FOR A LITTLE TIME
In HCU IT DID ERASE ANY PART OF THE PROCESS ....
60 EUROS PURCHASING CREDITS IN THE APPLICATION
I BELIEVE THAT I CORRUPTED ANY FOLDER RELATED TO MODEM IMEI ETC ....
DC PHOENIX HAS 2 OPTIONS MARKED
RELATED TO DELETE THE OEM AND OTHER NV
I BELIEVE I TURNED OFF THE MODEM PARTITION
IF SOME CAN GIVE A STRENGTH
THANK YOU
nvram folder is empty twooo....did u try to flash system again?
Yes
Yes several times I believe that only with a physical box, I would like to try to restore this folder to see
Filipehuawei said:
Yes several times I believe that only with a physical box, I would like to try to restore this folder to see
Click to expand...
Click to collapse
this folder is empty bro... i tried to see what's contain try to know what u really need in order that i can help you
Thank you
Thank you for your willingness.
I need the particao that makes the communication between modem and imei
Everything related to this
My phone does not pick up a signal after what happened