Related
Hi. I am relatively new with the PDA scene and as much as I would have loved to read an answer to my question from some other thread instead of starting a new one, I could not do it cos there are none. At least in "idiot's guide" style.
To the question that is stated in the title. As much as I have understood, there are (at least) three storage areas on a device (mine being Vodafone v1520) - the ROM, the EXT ROM and the files that we see on under "My Device" in Explorer. Some of the files have been marked as "ROM" if to look at the properties and those cannot be deleted (at least I haven't found any way) but they can be overwritten (with Resco or smth). The point of my question is that when I overwrite the WELCOME.GIF file (marked as ROM file, it's VF splash screen) it does overwrite it nicely (confirmed) but when I hard reset, it's back. Although I don't understand also why after overwriting I still see the VF logo instead of my own file, that is a separate issue.
The reason I am asking this is that nobody in this forum has been able to answer me how to unlock the EXTROM part on that ASUS P550 that I have. So I thought maybe if I change the STARTER.EXE or GENERALINSTALLER.EXE to something pointless, the EXTROM part won't be installed.
Although I suspect the VF logo is displayed from EXTROM part while booting, cos there is nowhere else that same file in normal storage.
Summary:
1) Does changing files marked as "ROM" really change ROM files or is it until the next hard reset and why?
2) Does anyone know how to unlock and unhide the EXTROM part on ASUS P550?
3) Does anyone know where the VF splash screen comes from while booting?
If anyone has ANY information on these issues, PLEASE enlighten me. It seems that there are a lot of senior members who have the knowledge but are quite unwilling to share it. I don't know why but it seriously sucks that they don't reply to threads or PM. I thought this forum was for helping each other, not giggling behind the screen: "I know something You don't". At least that is the impression that I have recently gained when trying to contact people that have the knowledge.
Thanks.
aiiro
The answer to your "stupid" question - "are ROM files REALLY ROM files" - is NO.
The question is not stupid and the files are really not the files.
Actually you have only the information about the files in ROM - the name, the size and other attributes. That's it.
You are not really overwritting anything when you copy the different file with the same name to ROM.
If you somehow dump the ROM from your device - you'll get real files.
Welcome Gif can permanently be changed only in dump.
Unlocking EXTROM .... I am not sure that I got what you mean. And why do you want to do that. But do the following: with Resco Registry go to
HKEY_LOCAL_MACHINE\System\StorageManager\Profiles\TRUEFFS_DOC2\FATFS
Change MountHidden value from 1 to 0
You will be able to see the EXTROM content.
VF splash screen definitely comes from Windows folder of your device while booting - it's a part of the ROM.
OK, thanks for a quite thorough reply, but I still don't get it then - why does Resco (or similar prog) ask to overwrite the file? OR, if it doesn't overwrite it, how do I see the new file in Windows folder and the prog looking for splash screen file does not?
The EXTROM fascinates me because after hard reset the device is installing some "Auto Installation packages" and as far as I have found out those come from the EXTROM. I suspected that the WELCOME.GIF came from there too but now I am not sure. Might have to dump the ROM somehow and look into it but there are not many people with P550 and like I said those who have, don't have the willingness to help with that.
BTW, thanks also for the tip about the registry, but I have tried all the registry tweaks that I have found (including the abovementioned) but none of the works...
Thanks again and looking forward to Your (or anyone else's) comments.
aiiro said:
OK, thanks for a quite thorough reply, but I still don't get it then - why does Resco (or similar prog) ask to overwrite the file? OR, if it doesn't overwrite it, how do I see the new file in Windows folder and the prog looking for splash screen file does not?
Click to expand...
Click to collapse
Resco has been done like you have!
Try to do the following: copy your own Welcome.gif to Windows folder. You will be prompted to overwrite. Say yes. Then simply delete that file. It will not disappear - the old version of file will become visible again. ROM is not a number of files - it is one file which contains a copy of the data that later will be written (flashing process) straight to a read-only memory chip.
(Pay attention on my words "read-only")
Imagine yourself a wall painted with a hell of 100 dollar bills. You can see them. But you cannot take one of them. You can even glue you own bill upon the drawn one. It will work. But when you wash the wall (hard-reset) - your real paper bill will be washed down and the old painted one will appear (sorry for metaphor)
BTW, thanks also for the tip about the registry, but I have tried all the registry tweaks that I have found (including the abovementioned) but none of the works...
Thanks again and looking forward to Your (or anyone else's) comments.
Click to expand...
Click to collapse
Nothing works probably cause the registry is write-protected. Unlock your registry by changing the following:
HKLM\Security\Policies\Policies\00001001 = 1
HKLM\Security\Policies\Policies\00001005 = 40
But! You would do it with the digitally signed regedit. For example - one is attached. Unzip it to your device, run it, change the security policy settings, reboot. Then try to tweak your Asus again.
The attached regedit has OEM Sign 2005 - hopefully it will work for you.
Thank You for a thorough explanation and especially for the metaphore - it was very helpful.
But about the registry - wow... I mean I haven't even heard of unlocking registry...
As usually, answers are generating new questions. The ones I have now are:
1) How come some of the registry tweaks made with Resco still work even now - like showing the clock instead of battery (changing the TBOpt key) etc and the values are still there after soft reset?
2) Resco is also digitally signed, isn't it?
3) If I use this app, will hard reset still create a clean registry? (The answer to this probably is "yes" but I still ask just to be sure).
4) Can I seriously f**k up something with this method?
Thanks in advance.
But
aiiro said:
... answers are generating new questions. The ones I have now are:
1) How come some of the registry tweaks made with Resco still work even now - like showing the clock instead of battery (changing the TBOpt key) etc and the values are still there after soft reset?
2) Resco is also digitally signed, isn't it?
3) If I use this app, will hard reset still create a clean registry? (The answer to this probably is "yes" but I still ask just to be sure).
4) Can I seriously f**k up something with this method?
Click to expand...
Click to collapse
Read your PM - sure I don't have any subscriptions, but it's OK (I mean PM) - it works.
So:
1. The point is that not the whole registry is write protected - only several "important" parts mostly in HKLM. Normally - if you change someting in HKCU - it will work even with the protected registry. The vendor only protects the keys and values that can cause some "critical" system changes.
2. If to tell the truth - I know that Resco has digital signature - but anyway the permission level of it does not allow you to modify the protected keys. So that's why I offered you to use Regedit, signed with the customizers.
3. For sure - after HardReset you will return to factory defaults completely - it means you registry will again become clean and write-protected.
4. It depends upon what you mean writing "seriously". The worst thing - to damage the bootloader, but you will never do that modifying the registry. So - feel free to do whatever you want - you will always be able to return to factory defaults.
OK, thank You very much for the explanation! I have bookmarked like 200 pages related to PDAs, which means that if even only every 10th page gets bookmarked, I have gone through thousands of pages in 4 months and I haven't stumbled on this information before. So everything You have enlightened me about here is most useful, thanks again!
I hope I will not push it but since You have been so helpful and seem to know stuff, I am risking asking some more questions. First of all, would You happen to know a good "idiot's guide to flashing ROM"? I have read those on the wiki but as they are for HTC devices and asus mobile club russia does not have any basic explanation in English, it's pretty hard to catch the idea. I know that much that there is a PC involved with some kind of programs etc, but that's about it. I don't even know what the hell is a bootloader. There also isn't any good PDA architecture drawings lying around in the net
The second question is also related to hardware. I have the Vodafone v1520 as mentioned above and it has a small annoyance - the earpiece volume adjustment during call does not work. The slider moves and I hear the clicks getting louder or quieter but the volume level of the caller voice does not change. I took it to a repair shop and they told me that it's a faulty hardware but I know that there are people with exactly the same problem in this forum and I find it hard to believe that they installed some kind of faulty earpiece on all these devices. Or is that possible? What do You think?
Thanks.
aiiro
Sorry dude but both your last questions are about the specific device - your Vodafone. To answer - I should buy Asus P550 and get an experience first. It's only 700 bucks in my country but I am not sure that I really wanna have it. My current device (pretty old now) is P525 and the next one will probably be Diamond or something better and more expensive.
Second thing - I am not IT professional - I am just a user. OK, I always use my own (cooked) ROMs but it does not mean that I can give the answers to all your questions!
OK, I knew I was pushing it a little bit and in no way did I mean that You should make some kind of spendings. I just thought maybe You had any ideas and maybe ASUS devices are similar enough that they are compatible ROM-wise with each other or something like that.
Anyway, thanks for those thorough replies - You have been most helpful! As soon as I will have some time I will try the registry things out.
Thanks again and good luck!
try to install this cab file ,I make it .you can QQ me by my QQ:421264988 my E-mail:[email protected]
i'm sorry ,I chinese ,and my English is very poor
安装这个CAB文件试试,我的手机也是P320,安装完解锁成功,但在删除程序里看不到之后安装的程序,欢迎和我交流,我的QQ:421264988 E-mail:[email protected]
对不起,我是中国人,我的英语很差
Modified registry values don't survive reboot?
Try switching the device off before reboot.
The registry is not flushed to disk at every write.
And search the net for
flushing registry pocketpc
Click to expand...
Click to collapse
newxda-new said:
Try switching the device off before reboot.
The registry is not flushed to disk at every write.
And search the net for
Click to expand...
Click to collapse
So if you reset the handheld without putting it into suspend mode before, you risk losing configuration data (registry settings)?
Thank you for the read-visit.
I recently bought a second hand Tmobile Samsung SGH-T889 Galaxy Note II. Unfortunately,
I inherited a host of issues. The IMEI is corrupted. In this thread, I'm hoping to figure
out why I can't successfully write to the device. I will list everything that I've tried so far,
and to be honest, I really don't know what I can try next. Share your input please!
SGH-T889
Build Version: M9615ACEHWMAZD17513035
Version Dir ;: ACEFWMAZ
Firmware: T889UVALK8:_(4.1.1) (12/19/12) [FACTORY IMAGE]
Preface:
I read in a few other threads where people were having issues with the 4.1.2 firmware, so
I elected to downgrade to the 4.1.1 using a factory image by flashing using Odin 3.0.7.
I then used "Galaxy Note2 Toolkit" to flash root of the device while also including clockworkmod
recovery and busybox.
First Method:
After downloading and installing the Android Terminal Emulator, I tried to enter
the following code to write to the device:
su
echo 'AT +EGMR=1,7,"IMEI_1"'> /dev/pttycmd1
The device accepted the commands, but the write never occurred.
On the web, this solution is everywhere; however, I think that the
solution is specifically for MTK phones. In fact, the output command
"pttycmd1" isn't in the /dev directory or anywhere within the root file structure.
Second Method:
Accessing the hidden menu on the phone by entering *#7284#, I modified
the Qualcomm USB settings to allow for a serial USB connection.
I then used the "Qualcomm NV Tools," included in the fourth tab of EFS Professional
development software, to restore the backup IMEI to the device at the memory block located
at decimal address 550. The device accepted the command and I received
no indication of error, but the device was again not overwritten.
Third Method:
I installed RootExplorer application and used this tool to access the root directory and made
a copy of the EFS folder where I assumed the IMEI is stored. I then deleted the folder allowing
the system to recreate the EFS Folder after a reboot and a factory reset. I repeated the
previous methods, but I wasn't able to make a difference. Consequently, I restored my EFS folder.
Fourth Method:
I tried messing around with permissions allowing for read/write for the "efs" and "factory" folders
within the root file structure. Notwithstanding, I also expanded my read/write changes to the /dev/block folder focusing in particular on /dev/block/mmcblk0p3. (I read in another thread that the IMEI was stored in this block
/dev/block/mmcblk0p3.) Changing ownership of the files "owner" and "group" to root, I then tried writing to the device again using the previous methods mentioned, as well as fiddling around with another software called
"NV-items reader_writer v1.0," but all these approaches failed too.
Just as an added comment, I think that file manager such as Root Explorer re-mounts a read only root file
structure as a floating read/write. Therefore, while I think that I'm making changes to permissions -- I am, because I can see the change occur -- this change is actually temporary until the device is rebooted.
General Comments:
I suspect the GSM US variant of the Galaxy Note II is different, because I can't explain
why the device will not update the IMEI even with superuser rights. Along the way, I tried to
do a factory reset as well, but remember this approach made little difference since the device
was near factory settings from the onset since I just downgraded to 4.1.1.
Questions
Am I missing another method? please point me in the correct direction -- I'm stumped.
I value and appreciate any input in advance that you could lend.
when you first bought the phone and put in your t-mobile S I M card in it..
what happened .
are you sure its not a blocked imei phone.
this seems to be going around...
are you trying to use it on t- mobile ..
please post the original issue not just want you done to try and fix it..
Thank you for the reply.
This problem stinks.
I don't have a tmobile sim card. The phone is for Tmobile and I hope to use the phone on T-mobile's MVNO (mobile network virtual operator) SimpleMobile, a carrier that piggybacks on the Tmobile carrier. I have Simplemobile SIM card, which the device does not recognize. The network in the "About Phone" in Settings is listed as Unknown. I think that the phone is locked, but I thought that this issue is exclusive of my present dilemma.
So, what is preventing me from writing an update to the device? There are a couple of good Qulalcomm
tools on the market like DFS CDMA ver. 4.7.0.2 and Qualcomm NV Tools, but both of which
fail to restore the IMEI. Is this a CDMA vs GSM tool interface issue?
Where is the IMEI stored on the device? My efs/imei folder only has one file: "mps_code.dat"
(I guess NV_DATA.BIN file is not present for LTE users.)
Thanks again, in any case.
If I were you, I'd try writing the T889 NV backup from the AWS mod thread with QPST or QXDM. Then finish off with the IMEI using EFS Professional.
As you've noticed, no NV_DATA.BIN for our devices. The /efs partition isn't enough of a backup to fix things.
Information applicable to the N7100 is going to be useless here since it has an Intel baseband, as opposed to the LTE variants which run on a Qualcomm chip.
Darkshado said:
If I were you, I'd try writing the T889 NV backup from the AWS mod thread with QPST or QXDM. Then finish off with the IMEI using EFS Professional.
As you've noticed, no NV_DATA.BIN for our devices. The /efs partition isn't enough of a backup to fix things.
Information applicable to the N7100 is going to be useless here since it has an Intel baseband, as opposed to the LTE variants which run on a Qualcomm chip.
Click to expand...
Click to collapse
Thank you Dark Shado[w].
Fifth Method:
I used QPST configuration to establish a serial connection. Using one of the software's client applications called
QPST Software Download, I made a backup of NV Memory Files and then used a hex editor
to locate the IMEI number (offset 00001700 --fyi) and made the repair. However, when I attempted to restore the
file using QPST Software Download, the software failed to update the device. Take note that the software indicated the memory restore worked. However, again, I'm not sure what is preventing me from writing to the device.
Every editor or tool that I have used to interface with the device successfully reads the device but does not write.
In the Qualcomm USB Settings, I have chosen either "RNDIS + DM + Modem" or "DM + MODEM + ADB" settings.
I also try to make sure that "USB Debugging" is checked in "Developer options" in Settings. (This
setting appears to toggle depending on which USB serial setting is chosen.)
I began messing around again with EFS Professional. The problem with this approach is that the backup file is stored in the form of an image file. Unfortunately, I can't edit the image to repair the IMEI with a hex editor.
Previously the backup file was in the form of a bin or text format making the process of editing easy.
I also confirmed indeed that the address location of the efs folder including the IMEI is recorded in /dev/block/mmcblk0p3 for Galaxy Note II LTE variants.
Any other ideas? Is there any other toolkits that might be easier to work with?
Hey since you already odin 4.1.1 go ahead and unlock your phone using the free unlock method. Than try using your simple mobile sim again.
G7Baker said:
Hey since you already odin 4.1.1 go ahead and unlock your phone using the free unlock method. Than try using your simple mobile sim again.
Click to expand...
Click to collapse
Hi G7Baker. Thank you for the reply.
I was not able to unlock the device using the *#197328640# approach.
The device is missing the "Press [4] NW LOCK NV DATA INITIALLIZ"
I read elsewhere that I needed to downgrade the device to 4.1.1 and this option
would reappear in the menu settings. Specifically, if I downgraded the modem from
4.1.2 to 4.1.1, this option would again appear. In my case, the option is still missing.
I figured that I would just focus on my corrupt IMEI before addressing the locking issue...but if you any ideas,
i am open.
I'll be blunt: you haven't listened to anything I've said.
Use the .qcn file from the AWS mod thread. Not yours hex-edited to contain your IMEI. You NV items are already messed up.
Toggling USB Debugging might undo the "RNDIS + DM + Modem" setting.
Use EFS Professional to type in (not copy-paste, it's a quirk in the UI) your IMEI, then write it. Make sure you've got the latest version, and that you're using the Qualcomm tools. Or hex-edit the file from the AWS mod thread since you're capable of doing so.
Ditch this "toolkit" mindset and get their actual components, latest versions, straight from the devs. You'll be able to check for issues in their respective threads as well.
Good luck,
Darkshado
Darkshado said:
I'll be blunt: you haven't listened to anything I've said.
Use the .qcn file from the AWS mod thread. Not yours hex-edited to contain your IMEI. You NV items are already messed up.
Toggling USB Debugging might undo the "RNDIS + DM + Modem" setting.
Use EFS Professional to type in (not copy-paste, it's a quirk in the UI) your IMEI, then write it. Make sure you've got the latest version, and that you're using the Qualcomm tools. Or hex-edit the file from the AWS mod thread since you're capable of doing so.
Ditch this "toolkit" mindset and get their actual components, latest versions, straight from the devs. You'll be able to check for issues in their respective threads as well.
Good luck,
Darkshado
Click to expand...
Click to collapse
Thank you Darkshado[w] for the advise.
Game plan
qcn generic file (binary format) --> modify imei in qcn generic file --> EFS Professional-Qualcomm (fourth tab) to apply Restore
Darkshado[w], I'm looking at the EFS Professional -- Qualcomm tab (fourth tab). Just to be clear, this tab has a
"Qualcomm NV Tools" button, to which I don't proceed. This tab has also a set of "NV Backup" and "NV Restore" functions. These functions are supported for US variants only. (The T-mobile T889 has a Qualcomm chipset Gobi MDM9215, making the device eligible, right? or I guess these tools are meant only for Sprint and Verizon variants only) These tools, I believe, are where you would like me to use to make my restoration possible.
Just to be clear, this Restore/Backup receives a binary file, opposed to "Qualcomm NV Tools" that receive a text file.
However, when I click on "NV Backup" or "NV Restore," the phone immediately reboots.
On the same page the following disclaimer is written "If these functions are not supported your phone will just reboot." My device rebooted and I can't use this approach for the moment.
---
I was searching the AWS thread to which you alluded.
On December 28, 2012, I saw that you posted a full NV backup, IMEI removed, at the following thread:
http://50.23.216.69/showthread.php?t=2068041&page=2
I downloaded your attachment and modified the TEXT file to include my repaired IMEI for the T889 and then used
EFS Profressional via "Qualcomm NV Tools" to restore to my device.
I made sure that the device was set for a USB serial connection,
since "Qualcomm NV Tools" would not make the SPC connection otherwise.
The restore procedure completed without any errors, but the device was not successfully written to...again.
---
I also downloaded the ATT_I317_AWSMOD_dumimei.qcn file from the thread. Using QPST via their client application "Software Download" I attempted to make the restoration.
I attempted the restoration twice using "RNDIS + DM + Modem" and "DM + Modem + ADB" settings. In the phone utility menu, UART was always set to "PDA" and USB was set to "PDA" as well. In both cases, the device was not written. The software indicated that the restoration was successful when in fact this case was untrue.
--
On the EFS Professional version2.0.062, I was able to generate backup files using the backup option located on the second tab.
For this backup option, I selected "International LTE Variants" for the "Device Filter." The software
generated one tar.gz file; however, when extracted, a efs.img file and four other bin files are revealed. Unfortunately, the image file of efs contains my corrupted IMEI, which I'm not sure how to edit. I tried to use Hex Workshop Hex Editor to edit the file but can't find the IMEI in this type of file. Alternatively,
is there a generic backup tar.gz of SGH-T889 that I can try to restore?
--
What are your thoughts? Please advise.
garbageslot said:
Hi G7Baker. Thank you for the reply.
I was not able to unlock the device using the #197328640# approach.
The device is missing the "Press [4] NW LOCK NV DATA INITIALLIZ"
I read elsewhere that I needed to downgrade the device to 4.1.1 and this option
would reappear in the menu settings. Specifically, if I downgraded the modem from
4.1.2 to 4.1.1, this option would again appear. In my case, the option is still missing.
I figured that I would just focus on my corrupt IMEI before addressing the locking issue...but if you any ideas,
i am open.
Click to expand...
Click to collapse
I later downgraded the firmware from T889UVALK8 to T889UVALJ1 of 4.1.1. The NW LOCK NV DATA INITIALLIZ
finally appeared and was able to unlock the device successfully. Awesome!
However, I'm still trying to figure why my NV Memory Block refuses to be written. Please share your input!
No solution ... yet.
I tried deleting the efs folder and then I went back through all the methods that I have discussed
really to determine if and when the device was being written. Trying to restore the efs folder from a backup
copy, my findings seem conclusive.
I found that the ONLY solution that replaced my efs folders was EFS Professional--Restore (third tab).
In my case, I'm just restoring my corrupt NV memory backup back onto the device, but this approach can
work for me. In all other methods that I employed, the device and software indicated that a successful update was
made but these cases are untrue; the device is not updated.
Where does this leave me? If I am going to flash my device using this restore feature of EFS Professional(third tab),
I need to flash a modified efs.img that is corrected for my corrupted imei.
Does anyone have a solution out there for the SGH-T889?
garbageslot said:
I later downgraded the firmware from T889UVALK8 to T889UVALJ1 of 4.1.1. The NW LOCK NV DATA INITIALLIZ
finally appeared and was able to unlock the device successfully. Awesome!
However, I'm still trying to figure why my NV Memory Block refuses to be written. Please share your input!
Click to expand...
Click to collapse
I learned today that someone claimed that this SGH-T889 device has a hardware security measure in place. The device has a chip that has the IMEI that is write/no-rewrite (eMMC?); therefore, successful service combines both a hardware and software approach. My "deep throat" operative also said that the IMEI for this particular device appears in five different places within the NV Memory block, making the repair not so trivial.
Can anyone confirm this statement? I can't find anywhere where this statement is validated.
I would have to call bulls..t on that, I lost my imei flashing a tmobile modem to get lte and was able to rewrite my imei and get it working. Took me 2 days and lots of messing around but finally worked.
http://forum.xda-developers.com/showthread.php?t=2068281
You can try this link has some valuable info and links.
rail205 said:
I would have to call bulls..t on that, I lost my imei flashing a tmobile modem to get lte and was able to rewrite my imei and get it working. Took me 2 days and lots of messing around but finally worked.
http://forum.xda-developers.com/showthread.php?t=2068281
You can try this link has some valuable info and links.
Click to expand...
Click to collapse
Thank you Rail205 for your reply. Reviewing the thread that you sent,
I'm still not sure how I should proceed.
I was comparing my device allocation using the df command on the android emulation terminal .
# df
My partition allocations are consistent with jravi and darkshado[w] on the first page of the thread,
so I'm wary if I flash with an updated PIT file that this approach will make a difference.
My device is reading the correct internal storage for example.
To reiterate, if the block allocations are the same, can I assume that using a new T889V pit file
on my device the T889 will make no difference?
Currently, my device is now unlocked, rooted with a 4.1.2 OS.
The device has radio service.
Unlike everyone else who has been successful e.g. Darkshado[w] who has successfully
written an editable hex file or text file (depending on the method employed), my
device remains unmodified when performing approaches of this kind.
The only method that appears to work for me is flashing an image file
using EFS Professional (third tab).
This dilemma is the chicken / egg conundrum, how do I flash the device with the corrected img file
when I don't have a copy of an img file with the corrected imei with which to flash? Otherwise, considering
a no-img file approach, I could try to make the partitions writable (fyi I have used Root Explorer already to modify
the permissions of /dev/block, /efs and /factory before attempting an update -- you guessed it, no luck.)
Anyone, any thoughts? Anyone?
Success!
Sixth Method
NOTE: Please also refer to "Six Method. Addendum" post #21 located later in this thread. Both posts are critical to understanding the complete solution.
Well, I decided to go to one of these guys who advertise on Craigslist to repair corrupt IMEI. He claimed that he was using one of these boxes that reads and writes without technically flashing the device.
I sat with him for a couple hours, and, in the end, he could not do it! My IMEI went from some corrupted output to reading simply "0/9." At that point, I had limited phone service and mobile data EDGE only. The device had trouble finding the DM mode as well. (He felt so bad that he couldn't take my money, but this moment was also a validation for me that my device had a very specific problem, not a trivial contest in the least, but an awesome validation that this last week's efforts were not in vain: If the 'expert' can't figure this out, then where would this leave me?)
An important note worth mentioning is that the Craigslist guy downgraded my android OS from 4.1.2 prior to making modifications. Unfortunately,
I did not note to which version and build he downgraded. (My guess: most likely a build variation of 4.1.1 OS)
Anyhow, so I returned home and decided to get to work and access the phone through the service mode with the intention of rebuilding the NV memory block.
*#197328640#
[1] UMTS
[6] Common
[6] NV REBUILD
[1] Load defaut NV
This approach changed my IMEI from "0/9" to "0/0." Now, when I tried connecting to the device, the software read the correct DM Mode. (Interestingly, I still received limited phone service.)
I used a program called "NV-items reader_writer v1.0." Of the many programs that I tried, this program is super simple since the software output is text based i.e. you don't need a hex editor. The download link is here.
http://modemfiles.blogspot.com/2013/09/download-free-nv-items-reader-writer.html
I extracted the memory block from decimal address 550 to 550 and modified the block to read my non-corrupted IMEI. (I didn't need
to change root permissions or anything complicated like that, steps I performed in some of my previous method-approaches.)
My device finally was written and read the correct IMEI!
Thank you to everyone who contributed. My success is your own!
UPDATE:
So, as I mentioned above that I was receiving EDGE only and the carrier service was spotty. In the end, I realized that my NV Build was corrupted, and since I was now able to write to the device, I corrected this problem by referencing Darkshado[w]'s post.
On December 28, 2012, I saw that he posted a full NV backup for the T889, IMEI removed, at the following thread:
http://50.23.216.69/showthread.php?t=2068041&page=2
UPDATE: XDA admins have invalided the hyperlink to Darkshado[w]'s original post. If you require the text file, private message me with your email
and I will send you the same template file that he had originally made available. (edited 7/18/2015)
Using "NV-items reader_writer v1.0," I wrote to my device using the file provided by Darkshado[w]. Again just to be clear, I restored the entire NV build and only changed the IMEI block, which is located at decimal address 550. Now, my device is finally getting reliable connectivity at 4G speeds (only 4G, opposed to LTE, since I'm using a MVNO instead of a direct Tmobile plan). Anyways awesome still!
I'm glad you fixed it man!..you went through Hell fixing your phone.
I ALWAYS read and follow these "bad IMEI" threads to learn something "just in case" and I must say that your case it's the most complex (for me anyways) I've ever read.
Cheers to you!
New link to file please
garbageslot said:
Success!
Sixth Method
Well, I decided to go to one of these guys who advertise on Craigslist to repair corrupt IMEI. He was using one of these boxes
that reads and writes without technically flashing the device.
I sat with him for a couple hours, and, in the end, he could not do it! My IMEI went from some corrupted output
to reading simply "0/9." I had limited phone service and mobile data EDGE only. The device had trouble finding the DM mode as well. (He felt so bad that he couldn't take my money, but this moment was also a validation for me that my device had a very specific problem, not a trivial contest in the least, but an awesome validation that this last week's efforts were not in vain: If the 'expert' can't figure this out, then where would this leave me?)
Anyhow, so I returned home and decided to get to work and put the phone into a service mode with the intention
of rebuilding the NV memory block.
*#197328640#
[1] UMTS
[6] Common
[6] NV REBUILD
[1] Load defaut NV
This approach changed my IMEI from 0/9 to 0/0. Now, when I tried connecting to the device,
the software read the correct DM Mode. (Interestingly, I still received limited phone service.)
I used a program called "NV-items reader_writer v1.0." Of the many programs that I tried, this program
is super simple since the software output is text based i.e. you don't need a hex editor. I extracted the memory block
from decimal address 550 to 550 and and modified the block to read my non-corrupted IMEI. (I didn't need
to change root permissions or anything complicated like that, steps I performed in some of my previous
method-approaches.)
My device finally was written and reads the correct IMEI!
The guy from Craigslist suspects -- mind you, he wasn't gregarious in the least-- he hinted that "the box"
was needed to break some kind of internal logical state between the device's IMEI and
T-mobile's network protocols. Once this state was broken, the device was receptive to being written.
Thank you to everyone who contributed. My success is your own!
UPDATE:
So, as I mentioned above that I was receiving EDGE only and the carrier service was spotty. In the end, I realized that my NV Build was corrupted, but since I was now able to write to the device, I corrected this problem by referencing Darkshado[w]'s post.
On December 28, 2012, I saw that he posted a full NV backup for the T889, IMEI removed, at the following thread:
Using "NV-items reader_writer v1.0," I wrote to my device with the corrected IMEI using the file from Darkshado[w] as a template (replacing decimal address 550). Now, my device is finally getting reliable connectivity and 4G speeds (only 4G, opposed to LTE, since I'm using a MVNO instead of a direct Tmobile plan). Anyways awesome still!
Click to expand...
Click to collapse
Hello! I'm facing the same issue with my T889, could you please re-post the file from darkshadow's post?
Thank you!
NV Backup Blank-IMEI Template File
walydiesel said:
Hello! I'm facing the same issue with my T889, could you please re-post the file from darkshadow's post?
Thank you!
Click to expand...
Click to collapse
Thank you WalyDiesel for the follow up.
The administrators of this site appear to have made the original link outdated since I started this thread..
Please internally message me your email and I will send you the NV Backup Blank-IMEI template file.
(The file exceeded the attachment limits for this thread.)
You still need to edit decimal address 00550
to your specific IMEI number. Upon doing so,
write the entire file to your T889 device.
Good luck! -- You are in the home stretch.
garbageslot said:
Thank you WalyDiesel for the follow up.
The administrators of this site appear to have made the original link outdated since I started this thread..
Please internally message me your email and I will send you the NV Backup Blank-IMEI template file.
(The file exceeded the attachment limits for this thread.)
You still need to edit decimal address 00550
to your specific IMEI number. Upon doing so,
write the entire file to your T889 device.
Good luck! -- You are in the home stretch.
Click to expand...
Click to collapse
Ok! I sent you my email inbox.
Thank you!
walydiesel said:
Ok! I sent you my email inbox.
Thank you!
Click to expand...
Click to collapse
I'm back!
Unfortunately, the past two days I tried, But I can't write back the file to phone using nv_reader_writer tool. I can't even read from phone. It keeps saying "Failed, phone does not answer".
I read on a thread that it could be because my chip is not Qualcomm. In fact my chip is Exynos. Is it the problem? Is there another tool that I could use? Thank you.
P.S: I'm running stock android 4.3. I also tried stock 4.1.2. Same result and Service mode just leads me to a black screen with Serviceode written on top.
Hey,
I've been researching the OP3 bootloader and the bootloader warning and I've found a possible method to hide it.
There is a file "emmc_appsboot.mbn" which contains information and strings (see content below). I'm not sure if modifying the file causes booting problems. I've examined the file and found something about verifying various files and blocking the boot process. I'm looking for someone who could help me and explain things. What do you think? If it's going to brick, would it be unbrickable?
Strings:
"Start >"
"< More options"
"Your device has been unlocker and cann't be trusted"
"To learn more, visit: g.co/placeholder"
"If no key pressed:
Your device will boot in 5 seconds"
Something about blocking the boot:
This phone has been flashed with unauthorized software & is locked. Call your mobile operator for additional support.Please note that repair/return for this issue may have additional cost.
boot_verifier: keystore length is invalid
I'm thinking about replacing all these texts with spaces to make the screen look blank. That's the way to "hide" the text, but there's still going to be the 5 seconds delay.
Download link to the file: http://d-h.st/SQID (Uploading attachments wasn't working when I posted this)
EDIT: Feel free to examine the file with a hex editor. Search for those strings to find the position.
There're already two threads dealing with the bootloader warning:
http://forum.xda-developers.com/oneplus-3/how-to/help-how-to-remove-device-unlocked-t3425028/page7
http://forum.xda-developers.com/oneplus-3/help/request-remove-bootloader-unlocked-t3405485
meiser said:
There're already two threads dealing with the bootloader warning:
http://forum.xda-developers.com/oneplus-3/how-to/help-how-to-remove-device-unlocked-t3425028/page7
http://forum.xda-developers.com/oneplus-3/help/request-remove-bootloader-unlocked-t3405485
Click to expand...
Click to collapse
I know, but neither one is dealing with this exact file/method. There is of course the "logo.bin", but I don't think it includes the warning message as I've found it from the file I discovered.
santeri3700 said:
I know, but neither one is dealing with this exact file/method. There is of course the "logo.bin", but I don't think it includes the warning message as I've found it from the file I discovered.
Click to expand...
Click to collapse
the "warning" message is inside the aboot....at the moment there's no way to modify this file....but....we will see.
lance2010 said:
the "warning" message is inside the aboot....at the moment there's no way to modify this file....but....we will see.
Click to expand...
Click to collapse
Isn't it possible to modify the hex codes? Or is it the verification that is the problem in this case?
Edit: I've seen that people edit this file with success.
santeri3700 said:
Isn't it possible to modify the hex codes? Or is it the verification that is the problem in this case?
Edit: I've seen that people edit this file with success.
Click to expand...
Click to collapse
where did you see it running?
editing is not the problem, flashing it back is not the problem...but the phone won't start, even if you change a single bit !
there's an checksum active even if you set your phone to unlock_critical...
lance2010 said:
where did you see it running?
editing is not the problem, flashing it back is not the problem...but the phone won't start, even if you change a single bit !
there's an checksum active even if you set your phone to unlock_critical...
Click to expand...
Click to collapse
It was a Samsung and a Xiaomi device (partition and bl unlocking stuff, so not exactly related to this). The checksum is what I'm after.
Unfortunately I don't have enough experience and I don't know if it's even possible to do this.
I'm wonder what exactly happens if I edited the code to have only "spaces" or "NBSP".
Would I get any response from the device? Would I see any error codes on the screen?
I'm too unsure to risk my device. But thanks for the answer!
if you not know how to use the OP3 unbrick tool, let it be..in result you got an unbootable device if you change anything inside the bootloader.
It can't be changed.
I was able to dump the RDC that is provisioned to my 640 XL prototype. I dumped it and renamed it with a .bin extension. Have a couple of questions for those that know more about as I currently know little.
1. What is the RDC file, meaning what does it consist of? Or how is it used?
2. Where is it written when writing it from thor2? Or where is it stored on the phone?
3. Can it be re-used or is it good only for the one device it is provisioned to?
So, I am not sure if "dump" is the correct term to use here, as the command from thor2 would include the option -readrdc which sends it to a file that you choose...So it is reading something from the phone and generating a file...
I opened the file in hex editor but see little about its contents. It is small in size, about 804 bytes. I tried to write it to a different device same model but it failed with a specific error "Certificate error 25 (0x19) (0)"
Thanks.
Where to get prototypes phone?
nate0 said:
I was able to dump the RDC that is provisioned to my 640 XL prototype. I dumped it and renamed it with a .bin extension. Have a couple of questions for those that know more about as I currently know little.
1. What is the RDC file, meaning what does it consist of? Or how is it used?
2. Where is it written when writing it from thor2? Or where is it stored on the phone?
3. Can it be re-used or is it good only for the one device it is provisioned to?
So, I am not sure if "dump" is the correct term to use here, as the command from thor2 would include the option -readrdc which sends it to a file that you choose...So it is reading something from the phone and generating a file...
I opened the file in hex editor but see little about its contents. It is small in size, about 804 bytes. I tried to write it to a different device same model but it failed with a specific error "Certificate error 25 (0x19) (0)"
Thanks.
Click to expand...
Click to collapse
A RDC file is a research and development certificate tied to the device hardware it came with, it will only work on the device it was shipped with, having the same IMEI, hardware serial number and everything unique, you can't use them with other devices at all.
@gus33000
I was almost certain it was unique to the device it was installed in. Does it reside on the boot partition? Thanks for sharing.
nate0 said:
@gus33000
I was almost certain it was unique to the device it was installed in. Does it reside on the boot partition? Thanks for sharing.
Click to expand...
Click to collapse
It's in DPP along with all other provisioned data specific to the phone, you won't be able to do anything with it, just abort, you'll loose time and you'll most likely brick devices.
Was only wanting to know more about it. Thanks again.
nate0 said:
Was only wanting to know more about it. Thanks again.
Click to expand...
Click to collapse
Also as a tip, never overwrite MODEM*, SSD, and DPP with the ones from another phone, it will be destructive for prototypes. I advise you make a full backup of the prototype emmc first, before doing anything, (even if it's just reflashing with a ffu, it's very important to back everything up in mass storage using something like Win32 disk imager), if you however for some reason ever end up with wrong MODEM*, DPP and/or SSD, boot to flash app, switch to download mode, send the emergency payloads for that device RM, and write the rdc, writing it without DLOAD won't work.
DPP is the one nice to work with but never copy and replace, delete and eventually copy over onto it
I need this file
Can you help
Kidsnet said:
I need this file
Click to expand...
Click to collapse
I sold this phone along with dozens of other Lumias and Windows Phones over 2 years ago. I do not own the phone anymore, and I unlikely will find that RDC file if I even backed it up. It would be almost to you unless you are the new owner of this exact device that I dumped it from. Are you planning to use the file for any other reason?
I got a refurbished mobile came locked so i have to fl it since its demanding protection key so i need help
nate0 said:
I sold this phone along with dozens of other Lumias and Windows Phones over 2 years ago. I do not own the phone anymore, and I unlikely will find that RDC file if I even backed it up. It would be almost to you unless you are the new owner of this exact device that I dumped it from. Are you planning to use the file for any other reason
Click to expand...
Click to collapse
Kidsnet said:
I got a refurbished mobile came locked so i have to fl it since its demanding protection key so i need help
Click to expand...
Click to collapse
They are coming already locked, or if there's any tool i can download so that it will vo well with m
Sounds like the lock you are seeing is like a safety net lock. Someone must have had windows on it but had logged in with their account in Windows 10 mobile and set up the Reset protection with their Microsoft account. There is a method to remove that but it is quite dangerous and could ruin the phone.
There is a way to by pass it though as a work around so that you can use the phone but every time you hard reset it it will always lock back.
nate0 said:
Sounds like the lock you are seeing is like a safety net lock. Someone must have had windows on it but had logged in with their account in Windows 10 mobile and set up the Reset protection with their Microsoft account. There is a method to remove that but it is quite dangerous and could ruin the phone.
There is a way to by pass it though as a work around so that you can use the phone but every time you hard reset it it will always lock back.
Click to expand...
Click to collapse
@Kidsnet this is especially a problem for a lumia 640/640 xl. Because what happens is that if they upgraded it to Windows 10 mobile and enabled the protection but you reflash it back to Windows phone 8 you will unlikely set yourself up to not even get a workaround to get in the phone. Since the provisioning of W10M and WP8 are completely different.
Hello Xperia users! In the meantime, I finally solved the VOLTE problem! I approached Qualcomm's diagnostic port-active-efsExplorer and solved the problem by inserting a VOLTE profile from my carrier
Sorry, this is Korea and I am Korean.
However, I will write down the method in English.
Unlike previous 1&5, Qualcomm's diagnostic port cannot be opened.
opening command
I don't even know. I don't think so.
So it's a little different from before.
I tried to force it open.
debugging connection
Open the Command Proposal window.
adb shell input
su input
Do you want to allow shell on your phone?
prompt acceptance of permission
Then the $ shape changes to #.
Now
setprop persist.usb.eng 1
Copy paste entry. Please enter
And you're gonna be out there during tethering.
In My Computer Item
View Device Manager.
Please turn debugging back on.
Of course, no access.
If you turn on debugging again,
I've already set it up, so it looks like that.
Among them, there is a product model named XQ-AT52.
There are four yellow exclamation points in total.
Manually update driver Press [port] to list the manufacturers
It's called Qualcomm hs-usb-diagh and 9091. with this
I need a manual update. gogo
Now run the EFS Express.
Press 0 on the ROW and OK.
(ROW or SF_Default)
Oh, it takes a long time. I thought it stopped.
It opens if you stay still. LOL
It's open. How nice to see you here!
I am the Korean telecommunication company EFS file extracted from xperia1.
I used it. If you need VOLTE,
XPERIA1 (Modem).Extract from SIN file
I will use the Korean communication file.
Just drag it and put it in a folder.
v check and Yes
There'll be folders that don't exist while you're pulling them in.
Then make it and put the file in.
In the folder where you can view this red file,
Drag and drop the file twice.
The reason is that once you do it, you just go in.
The red file is not updated.
That's how the numbers at the back change when you renew.
So make sure to put it in twice.
Files beginning with NV do not have folders.
Put it on top.
It's over now!
Volte Success ^0^ About IMS
VOLTE OK
Confirm Video Calls
It was such a hard time for me!
I was sad because I couldn't get help.
With 5G mobile phones in 2020,
It was terrible to be on the 3G phone.
If there's someone like me,
This information will help you a lot.
Finally, Marktu
Buy! Buy two! I love it.
This is great! How do we find VoLTE profile for our carriers?
mehdi_s82 said:
This is great! How do we find VoLTE profile for our carriers?
Click to expand...
Click to collapse
It's hidden in XPERIA1 firmware.
After downloading the firmware via Xperia Pim, change the extension to Modem.img in the Modem.sin file and extract it to the compression program (7z) to view the folder! Surprisingly, the world's telecommunications company VOLTE EFS file is hidden. +_+ Take advantage of it! You can open the VOLTE menu through the magazine module.
Hi, why don't you show by video or pictures. The windowns language is English. ???
Attach the necessary software.
Thanks
I estimate, its only possible by unlocking/rooting the phone?
how to
Even with the great contributors' information, I think there are a few areas where I struggle.
For additional information, I will post my success stories.
I'm posting them in machine translation. Please forgive me if it's hard to read.
STEP 1: Implement the Tools You Need
Please install the following tools.
QPST(QPST_2.7.460)
Qualcomm-hs-usb-diagnostics-9091-952454(DIAG driver)
Flashtool (and XperiaFirm)
newflasher(INSTALL is unnecessary, but please get it.)
*All of the above were available on the internet as of 8/15.
STEP2: Get a "modem" that supports VoLTE.
As a prerequisite (regardless of the DualSim/SinglSim model)
For countries that want to use VoLTE, SONY is offering
Official firmware is required.
In my example.
Purchased model: XQ-AT52 (for Hong Kong)
The country where you want to use it: Japan -> SO-51A is available.
(The difference in the number of slots in the SIM doesn't affect it. )
This is the case.
If the firmware to run VoLTE does not exist in the country where you want to use it
This method does not work.
The annotations are long, but here are the steps.
Use XperiFirm, provided by SONY in the country where you want to use VoLTE.
Download the firmware.
STEP3: Use the newflasher to write the firmware from STEP2 to your Xperia 1 ii.
In this case, if you want to burn into a model with a different number of SIM slots
Example: Writing SO-51A firmware to XQ-AT52
→The SIM will not be recognized, but it is temporary.
STEP4: Use EFS Explorer to get the necessary files.
Follow the steps of the great htcmage and have your Xperia 1 ii recognized by EFS Explorer.
4-1: Install the QPST.
4-2:Install Magisk on your Xperia 1 ii.
Therefore, it is mandatory to unlock the bootloader.
4-3:Execute the commands at the command prompt as follows.
adb shell
su
setprop persist.usb.eng 1
Magisk's permission is now required to get SuperUser privileges in su.
Note: From the Magisk menu, go to "# SuperUser" and click on
You can allow.
4-4: The debug mode is disconnected, so you need to re-enable it.
4-5: If you have installed the qualcomm-hs-usb-diagnostics-9091-952454 (DIAG driver), you can use
It is recognized by EFS Explorer.
4-6: On the Phone Selectio screen, Banner selects the ROW port.
STEP 5: Back up the files required for VoLTE activation.
Before following the steps below, you must have the SIM of the line/carrier you want to enable VoLTE on.
Please plug in.
I have backed up the following folders.
There may be some things you don't need, but at least it works.
Data_Profiles
efsprofiles
Ims.
nv/item_files/datamodem
nv/item_files/ims
nv/item_files/mcfg
nv/item_files/modem
STEP6: Write the firmware you want to use, and copy the file from STEP5 to
Override.
Follow steps 3 to 4 of STEP 3 to 4 to get the firmware you want to use.
Write & make EFS Explorer recognize it. (Don't remove the SIM.)
Then, overwrite it with the files backed up in STEP 5.
You should probably now have VoLTE available.
Thanks to the person who walked me through the Magisk installation process, and to the great htcmage.
Also, I pray that others wandering in the same sea of information will be saved.
:good:
sura_tth said:
Even with the great contributors' information, I think there are a few areas where I struggle.
For additional information, I will post my success stories.
I'm posting them in machine translation. Please forgive me if it's hard to read.
STEP 1: Implement the Tools You Need
Please install the following tools.
QPST(QPST_2.7.460)
Qualcomm-hs-usb-diagnostics-9091-952454(DIAG driver)
Flashtool (and XperiaFirm)
newflasher(INSTALL is unnecessary, but please get it.)
*All of the above were available on the internet as of 8/15.
STEP2: Get a "modem" that supports VoLTE.
As a prerequisite (regardless of the DualSim/SinglSim model)
For countries that want to use VoLTE, SONY is offering
Official firmware is required.
In my example.
Purchased model: XQ-AT52 (for Hong Kong)
The country where you want to use it: Japan -> SO-51A is available.
(The difference in the number of slots in the SIM doesn't affect it. )
This is the case.
If the firmware to run VoLTE does not exist in the country where you want to use it
This method does not work.
The annotations are long, but here are the steps.
Use XperiFirm, provided by SONY in the country where you want to use VoLTE.
Download the firmware.
STEP3: Use the newflasher to write the firmware from STEP2 to your Xperia 1 ii.
In this case, if you want to burn into a model with a different number of SIM slots
Example: Writing SO-51A firmware to XQ-AT52
→The SIM will not be recognized, but it is temporary.
STEP4: Use EFS Explorer to get the necessary files.
Follow the steps of the great htcmage and have your Xperia 1 ii recognized by EFS Explorer.
4-1: Install the QPST.
4-2:Install Magisk on your Xperia 1 ii.
Therefore, it is mandatory to unlock the bootloader.
4-3:Execute the commands at the command prompt as follows.
adb shell
su
setprop persist.usb.eng 1
Magisk's permission is now required to get SuperUser privileges in su.
Note: From the Magisk menu, go to "# SuperUser" and click on
You can allow.
4-4: The debug mode is disconnected, so you need to re-enable it.
4-5: If you have installed the qualcomm-hs-usb-diagnostics-9091-952454 (DIAG driver), you can use
It is recognized by EFS Explorer.
4-6: On the Phone Selectio screen, Banner selects the ROW port.
STEP 5: Back up the files required for VoLTE activation.
Before following the steps below, you must have the SIM of the line/carrier you want to enable VoLTE on.
Please plug in.
I have backed up the following folders.
There may be some things you don't need, but at least it works.
Data_Profiles
efsprofiles
Ims.
nv/item_files/datamodem
nv/item_files/ims
nv/item_files/mcfg
nv/item_files/modem
STEP6: Write the firmware you want to use, and copy the file from STEP5 to
Override.
Follow steps 3 to 4 of STEP 3 to 4 to get the firmware you want to use.
Write & make EFS Explorer recognize it. (Don't remove the SIM.)
Then, overwrite it with the files backed up in STEP 5.
You should probably now have VoLTE available.
Thanks to the person who walked me through the Magisk installation process, and to the great htcmage.
Also, I pray that others wandering in the same sea of information will be saved.
Click to expand...
Click to collapse
Hello, you are so cool Thank you so much for organizing the guide. I hope it helps many xperia 1 II users ah! I opened the volte-related menu without changing the firmware using the magical module. The reason is that the buildprop cannot be modified for this xperia1 II
pa// Attached file for used module
Has anyone had success doing this on the Xperia 5 ii ?
htcmage said:
Hello Xperia users! In the meantime, I finally solved the VOLTE problem! I approached Qualcomm's diagnostic port-active-efsExplorer and solved the problem by inserting a VOLTE profile from my carrier
Sorry, this is Korea and I am Korean.
However, I will write down the method in English.
Unlike previous 1&5, Qualcomm's diagnostic port cannot be opened.
opening command
I don't even know. I don't think so.
So it's a little different from before.
I tried to force it open.
debugging connection
Open the Command Proposal window.
adb shell input
su input
Do you want to allow shell on your phone?
prompt acceptance of permission
Then the $ shape changes to #.
Now
setprop persist.usb.eng 1
Copy paste entry. Please enter
And you're gonna be out there during tethering.
In My Computer Item
View Device Manager.
Please turn debugging back on.
Of course, no access.
If you turn on debugging again,
I've already set it up, so it looks like that.
Among them, there is a product model named XQ-AT52.
There are four yellow exclamation points in total.
Manually update driver Press [port] to list the manufacturers
It's called Qualcomm hs-usb-diagh and 9091. with this
I need a manual update. gogo
Now run the EFS Express.
Press 0 on the ROW and OK.
(ROW or SF_Default)
Oh, it takes a long time. I thought it stopped.
It opens if you stay still. LOL
It's open. How nice to see you here!
I am the Korean telecommunication company EFS file extracted from xperia1.
I used it. If you need VOLTE,
XPERIA1 (Modem).Extract from SIN file
I will use the Korean communication file.
Just drag it and put it in a folder.
v check and Yes
There'll be folders that don't exist while you're pulling them in.
Then make it and put the file in.
In the folder where you can view this red file,
Drag and drop the file twice.
The reason is that once you do it, you just go in.
The red file is not updated.
That's how the numbers at the back change when you renew.
So make sure to put it in twice.
Files beginning with NV do not have folders.
Put it on top.
It's over now!
Volte Success ^0^ About IMS
VOLTE OK
Confirm Video Calls
It was such a hard time for me!
I was sad because I couldn't get help.
With 5G mobile phones in 2020,
It was terrible to be on the 3G phone.
If there's someone like me,
This information will help you a lot.
Finally, Marktu
Buy! Buy two! I love it.
Click to expand...
Click to collapse
Do you loose 5g support after this method?
Does your mobile restart after changing the data carrier from Sim1 to Sim2?
R
htcmage said:
Hello, you are so cool Thank you so much for organizing the guide. I hope it helps many xperia 1 II users ah! I opened the volte-related menu without changing the firmware using the magical module. The reason is that the buildprop cannot be modified for this xperia1 II
pa// Attached file for used module
Click to expand...
Click to collapse
I reflash XQ AT 52 or AT 51 to XQ AT 72 (China) it resconized Simcard but no signal. This menthod will work in my case??? Thank you
FantasticBeast007 said:
Do you loose 5g support after this method?
Does your mobile restart after changing the data carrier from Sim1 to Sim2?
Click to expand...
Click to collapse
I have a xperia 1 mobile in India but my mobile not support volte please help me
dangh5 said:
I reflash XQ AT 52 or AT 51 to XQ AT 72 (China) it resconized Simcard but no signal. This menthod will work in my case??? Thank you
Click to expand...
Click to collapse
I have a xperia 1 in India but my mobile not support volte please help me
Xperia_xz3 said:
I have a xperia 1 in India but my mobile not support volte please help me
Click to expand...
Click to collapse
Same problem with me.
Mine is the Xperia 1 III.
Will this work with the 1 III Also?
Xperia_xz3 said:
I have a xperia 1 in India but my mobile not support volte please help me
Click to expand...
Click to collapse
Yes you can use volte jio in india.
Telegram - @lazypanda010
I have the Sony Xperia 1 II AU SOG01 Japanese model. I sim unlocked it, I put in my sim card, I use AT&T in the United States. But I can't make phone calls because the VoLTE toggle doesn't appear in settings. I can use data though. I don't understand this guide, can anyone here help me? Does anyone have experiece with this model?
Jmez6314 said:
I have the Sony Xperia 1 II AU SOG01 Japanese model. I sim unlocked it, I put in my sim card, I use AT&T in the United States. But I can't make phone calls because the VoLTE toggle doesn't appear in settings. I can use data though. I don't understand this guide, can anyone here help me? Does anyone have experiece with this model?
Click to expand...
Click to collapse
Hi! We have the same model, where did you sim unlocked your device?
sura_tth said:
how to
Even with the great contributors' information, I think there are a few areas where I struggle.
For additional information, I will post my success stories.
I'm posting them in machine translation. Please forgive me if it's hard to read.
STEP 1: Implement the Tools You Need
Please install the following tools.
QPST(QPST_2.7.460)
Qualcomm-hs-usb-diagnostics-9091-952454(DIAG driver)
Flashtool (and XperiaFirm)
newflasher(INSTALL is unnecessary, but please get it.)
*All of the above were available on the internet as of 8/15.
STEP2: Get a "modem" that supports VoLTE.
As a prerequisite (regardless of the DualSim/SinglSim model)
For countries that want to use VoLTE, SONY is offering
Official firmware is required.
In my example.
Purchased model: XQ-AT52 (for Hong Kong)
The country where you want to use it: Japan -> SO-51A is available.
(The difference in the number of slots in the SIM doesn't affect it. )
This is the case.
If the firmware to run VoLTE does not exist in the country where you want to use it
This method does not work.
The annotations are long, but here are the steps.
Use XperiFirm, provided by SONY in the country where you want to use VoLTE.
Download the firmware.
STEP3: Use the newflasher to write the firmware from STEP2 to your Xperia 1 ii.
In this case, if you want to burn into a model with a different number of SIM slots
Example: Writing SO-51A firmware to XQ-AT52
→The SIM will not be recognized, but it is temporary.
STEP4: Use EFS Explorer to get the necessary files.
Follow the steps of the great htcmage and have your Xperia 1 ii recognized by EFS Explorer.
4-1: Install the QPST.
4-2:Install Magisk on your Xperia 1 ii.
Therefore, it is mandatory to unlock the bootloader.
4-3:Execute the commands at the command prompt as follows.
adb shell
su
setprop persist.usb.eng 1
Magisk's permission is now required to get SuperUser privileges in su.
Note: From the Magisk menu, go to "# SuperUser" and click on
You can allow.
4-4: The debug mode is disconnected, so you need to re-enable it.
4-5: If you have installed the qualcomm-hs-usb-diagnostics-9091-952454 (DIAG driver), you can use
It is recognized by EFS Explorer.
4-6: On the Phone Selectio screen, Banner selects the ROW port.
STEP 5: Back up the files required for VoLTE activation.
Before following the steps below, you must have the SIM of the line/carrier you want to enable VoLTE on.
Please plug in.
I have backed up the following folders.
There may be some things you don't need, but at least it works.
Data_Profiles
efsprofiles
Ims.
nv/item_files/datamodem
nv/item_files/ims
nv/item_files/mcfg
nv/item_files/modem
STEP6: Write the firmware you want to use, and copy the file from STEP5 to
Override.
Follow steps 3 to 4 of STEP 3 to 4 to get the firmware you want to use.
Write & make EFS Explorer recognize it. (Don't remove the SIM.)
Then, overwrite it with the files backed up in STEP 5.
You should probably now have VoLTE available.
Thanks to the person who walked me through the Magisk installation process, and to the great htcmage.
Also, I pray that others wandering in the same sea of information will be saved.
Click to expand...
Click to collapse
Hi!
I think i missed something during yoyr great guide . My case is that I'm in Israel, where Sony doesn't provide original firmware, and I use Xperia 5 iii (XQ-BQ52 from UK), So will this guide work?
Thank you
ruchan said:
Hi! We have the same model, where did you sim unlocked your device?
Click to expand...
Click to collapse
I used a software called S1 Unlock Tool. You need to buy a credit from this website: https://networkunlocking.com/shop/sony-xperia-cable-unlock-0-counter-supported/. There is also a link to download the software. Along with unlocking your phone it will also grant you access to unlock your bootloader if you wish to do so. I did this and tried to root my phone but I wasn't successful, it just soft bricked my phone and was stuck in a boot loop. I had to use Xperia Companion to restore my phone. Maybe you can't root the Japanese variants, I'm not sure. I saw on here on another forum that you can root the Xperia 1 II.