EFS Recovery Guide [Snapdragon only]

Search This thread

Archit9169

Senior Member
May 13, 2016
652
420
Lucknow
Edit: problem solved. Tried installing multiple qcn files, one worked.

I had lost my Imei numbers.It showed no baseband version,no imei,no Bluetooth address. As a result sims don't connect. But memory card slot works. I've checked that the sim connector pins are okay.

In Short:
∆ What I have:
1. Twrp installed
2.Root
3. It wasn't unlocked officially because when I applied for unlocking, I was able to download the unlock tool but as I didn't have imei,so I couldn't add my device for unlocking ( developer options>unlock status> add device)
But when I got the imei back, I was able to add the device. Still I haven't unlocked it yet. So it shows only the MI logo while booting but not unlocked written below.

4. Currently I'm on MIUI 9.5.6.0 Global Stable rom. Android version 6.0.1 marshmallow.


What I tried to fix it:
1.
I tried flashing Stock roms, Miui 9.5, Miui 9.4, Custom roms but still didn't get the imei number.

2.
Tried Fixing the EFS through adb, didn't work.
Tried efs through fastboot mode, it said installing through fastboot is not allowed or something like that ( I don't remember exactly word by word,but it was something like that)

3.
Then at last I was able to write down my imei numbers Through QPST tool, thanks to a guide in mi community. ♡

I was only able to write 1 imei number as I have 1 imei number written in the sticker inside the phone. But I got Both imei numbers back but it shows unknown in ICCID unkown and others are unkown too. A screenshot is given below.

After getting my imei back, I inserted the sim,both slots show sim but there is no signal. When I try to call, there shows Radio off. And it tells me to turn off airplane mode but it was never turned on in the first place.

4.I flashed a backup of my current rom through twrp yesterday, tried to turn on radio through testing mode( *#*#4636#*#*) but didn't work. I couldn't change my radio mode to GSM , CDMA, LTE or anything else.. And the turn on radio button was grayed out.

Stuff that I haven't tried yet:

1. Flashing stock Miui 9.5.6 (not my twrp backup) through PC.

2. Installing NON-HLOS.bin file through fastboot mode.



Now what should I do to bring my phone back to life..?

You can try flashing non hlos bin but do unlock your bootloader or it will show partition flashing not allowed or something
 

AccountSaver

Senior Member
Sep 27, 2010
116
7
Thessaloniki
Try xposed module to change mac. If nothing then get the board change it may be hardware fault.

Hey , thanks in advance for the reply. Couldn't believe that someone would answer :p
Yes i tried with xposed module and all the versions that i could find ,phoneidchanger etc. all with .apk support.
But when i try to random mac it etc. and reboot it restores the old mac.
It doesn't hold the "new".
 

Archit9169

Senior Member
May 13, 2016
652
420
Lucknow
Hey , thanks in advance for the reply. Couldn't believe that someone would answer :p
Yes i tried with xposed module and all the versions that i could find ,phoneidchanger etc. all with .apk support.
But when i try to random mac it etc. and reboot it restores the old mac.
It doesn't hold the "new".

Well you can try to use qualcomm qcn tools to flash new qcn file. You can find several here. And there are forums on miui that provide very goog guides to use that. You have to manually modify mac address in qcn file. However very few guides are available that will help you change mac, every guide is related to imei.
 
  • Like
Reactions: kitcostantino

AccountSaver

Senior Member
Sep 27, 2010
116
7
Thessaloniki
Well you can try to use qualcomm qcn tools to flash new qcn file. You can find several here. And there are forums on miui that provide very goog guides to use that. You have to manually modify mac address in qcn file. However very few guides are available that will help you change mac, every guide is related to imei.

To tell you the truth ,i have searched around and everything is towards IMEI change.
I have found my qcn file , but even on that i try to change it with no "success".

I have find the "editor" that i could open the qcn file, i am writing it in code below.
Do you see any error,or what should i change and re-try it ?
I have seen only that the MACAddress is this :"020AF58989FF" but how is this translated to 2:00:00:00.

Code:
# Assigned MAC Addresses - This will be used until NV items are in place

# Each byte of MAC address is represented in Hex format as XX

Intf0MacAddress=020AF58989FF
Intf1MacAddress=040AF58989FE
Intf2MacAddress=060AF58989FD

Intf3MacAddress=080AF58989FC

# Set/Clear UAPSD mask

UapsdMask=0

# UAPSD service interval for VO,VI, BE, BK traffic

InfraUapsdVoSrvIntv=20

InfraUapsdViSrvIntv=40

# Flag to allow STA send AddTspec even when ACM is Off
gAddTSWhenACMIsOff=1

# Make 1x1 the default antenna configuration

gNumRxAnt=1


# Beacon filtering frequency (unit in beacon intervals)

gNthBeaconFilter=50


# Enable WAPI or not

# WAPIIsEnabled=0


# Flags to filter Mcast abd Bcast RX packets.

# Value 0: No filtering, 1: Filter all Multicast.

# 2: Filter all Broadcast. 3: Filter all Mcast abd Bcast

McastBcastFilter=3


#Flag to enable HostARPOffload feature or not

hostArpOffload=1


#SoftAP Related Parameters

# AP MAc addr

gAPMacAddr=000AF589dcab


# 802.11n Protection flag

gEnableApProt=1


#Enable OBSS protection

gEnableApOBSSProt=1


#Enable/Disable UAPSD for SoftAP

gEnableApUapsd=1


# Fixed Rate

gFixedRate=0


# Maximum Tx power

# gTxPowerCap=30


# Fragmentation Threshold

# gFragmentationThreshold=2346


# RTS threshold

RTSThreshold=2346


# Intra-BSS forward

gDisableIntraBssFwd=0


# WMM Enable/Disable

WmmIsEnabled=0
 

Archit9169

Senior Member
May 13, 2016
652
420
Lucknow
To tell you the truth ,i have searched around and everything is towards IMEI change.
I have found my qcn file , but even on that i try to change it with no "success".

I have find the "editor" that i could open the qcn file, i am writing it in code below.
Do you see any error,or what should i change and re-try it ?
I have seen only that the MACAddress is this :"020AF58989FF" but how is this translated to 2:00:00:00.

Code:
# Assigned MAC Addresses - This will be used until NV items are in place

# Each byte of MAC address is represented in Hex format as XX

Intf0MacAddress=020AF58989FF
Intf1MacAddress=040AF58989FE
Intf2MacAddress=060AF58989FD

Intf3MacAddress=080AF58989FC

# Set/Clear UAPSD mask

UapsdMask=0

# UAPSD service interval for VO,VI, BE, BK traffic

InfraUapsdVoSrvIntv=20

InfraUapsdViSrvIntv=40

# Flag to allow STA send AddTspec even when ACM is Off
gAddTSWhenACMIsOff=1

# Make 1x1 the default antenna configuration

gNumRxAnt=1


# Beacon filtering frequency (unit in beacon intervals)

gNthBeaconFilter=50


# Enable WAPI or not

# WAPIIsEnabled=0


# Flags to filter Mcast abd Bcast RX packets.

# Value 0: No filtering, 1: Filter all Multicast.

# 2: Filter all Broadcast. 3: Filter all Mcast abd Bcast

McastBcastFilter=3


#Flag to enable HostARPOffload feature or not

hostArpOffload=1


#SoftAP Related Parameters

# AP MAc addr

gAPMacAddr=000AF589dcab


# 802.11n Protection flag

gEnableApProt=1


#Enable OBSS protection

gEnableApOBSSProt=1


#Enable/Disable UAPSD for SoftAP

gEnableApUapsd=1


# Fixed Rate

gFixedRate=0


# Maximum Tx power

# gTxPowerCap=30


# Fragmentation Threshold

# gFragmentationThreshold=2346


# RTS threshold

RTSThreshold=2346


# Intra-BSS forward

gDisableIntraBssFwd=0


# WMM Enable/Disable

WmmIsEnabled=0

Try hex calculator. It should convert your mac address in hex format. Google it. Aside from this I have no clue. Technically in my experience even though sometimes my mac was software generated and then too the wifi and hotspot were working fine.
 

Who Me?

New member
Mar 28, 2011
1
0
Firstly, thanks for Achit9169 for the guide.
I followed it to the letter and had no luck. I tried multiple other software guides with a similar lack of success.

My reason for believing the fault to be software was due to the original symptoms being repeated random reboots/bootloops. These were resolved by a complete wipe and reload, at which time I lost bluetooth and WiFi MAC address.

Having exhausted software guides, I then did further checking and found the WiFi mac address of 02:00:00:00:00:00 is commonly associated with dry solder joints on the WiFi chip (multiple platforms affected).

Following this guide with a couple of variations allowed me to recover my WiFi and bluetooth.

Additional to the guide referred to above, I did use a K-type thermocouple on my multimeter to track the temp of the motherboard as I was reflowing the joints. I made sure the temperature reached 225degrees Celsius (above melt point of commonly used solders).

So if this guide hasn't worked for you, do look at hardware faults as a possible cause.
 

Ajendra25

Senior Member
Oct 15, 2016
282
129
Vadodara
@Archit9169

Hi buddy.. I need your urgent help
I'm on Pixel Experience Pie using RN5 Pro (Whyred India) and facing "No SIM" issue and baseband version also showing "Unknown" in latest ROM updates. (ROM having inbuilt OTA updates)

When I try to install any ROM update after 10 January build, it's all gives me same issue. But when I revert back to 10Jan build (dirty flash), SIM working perfectly!!

I tried everything as I know, tried to flash latest firmware, Kernel, backed up MODEM & EFS from 10Jan build and Restored it on latest ROM update. But "No luck" !!! :(

Please guide me and help me to get out of this...
Thanks
 

Attachments

  • Screenshot_20190206-123723.png
    Screenshot_20190206-123723.png
    64.7 KB · Views: 64
  • Screenshot_20190206-131452.png
    Screenshot_20190206-131452.png
    112.9 KB · Views: 63

Black_Stark

Senior Member
Sep 24, 2012
3,497
1,019
GOA
@Archit9169

Hi buddy.. I need your urgent help
I'm on Pixel Experience Pie using RN5 Pro (Whyred India) and facing "No SIM" issue and baseband version also showing "Unknown" in latest ROM updates. (ROM having inbuilt OTA updates)

When I try to install any ROM update after 10 January build, it's all gives me same issue. But when I revert back to 10Jan build (dirty flash), SIM working perfectly!!

I tried everything as I know, tried to flash latest firmware, Kernel, backed up MODEM & EFS from 10Jan build and Restored it on latest ROM update. But "No luck" !!! :(

Please guide me and help me to get out of this...
Thanks

Before doing any thing. I hope know that whyred has antirollback protection.
Do something stupid and u will endup in device brick or useless.
 

kostakar

New member
Apr 20, 2019
1
0
Can't download required files

I can't download the required files, I get an error when I request access from Google Drive. Thank you very much!
 

Archit9169

Senior Member
May 13, 2016
652
420
Lucknow
@Archit9169

Hi buddy.. I need your urgent help
I'm on Pixel Experience Pie using RN5 Pro (Whyred India) and facing "No SIM" issue and baseband version also showing "Unknown" in latest ROM updates. (ROM having inbuilt OTA updates)

When I try to install any ROM update after 10 January build, it's all gives me same issue. But when I revert back to 10Jan build (dirty flash), SIM working perfectly!!

I tried everything as I know, tried to flash latest firmware, Kernel, backed up MODEM & EFS from 10Jan build and Restored it on latest ROM update. But "No luck" !!! :(

Please guide me and help me to get out of this...
Thanks

If its working fine in previous build then stay with that fir a while. And if possible give logcats to your maintainer of pixel experience.

Another method is flash latest miui rom via edl or fastboot and then use it for an hour. Backup efs and flash pixel exp and restore efs after reboot. It should work then.
 

Archit9169

Senior Member
May 13, 2016
652
420
Lucknow
Sorry everyone but i gave away my kenzo to a friend and i dont have any backup files for it any longer. The one uploaded online got deleted because of my deactivated account. So if anyone has backup of kenzo or kate contact me and i will upload it here.
 

leandroogaby

Member
Aug 10, 2019
23
0
Do this if and only if you believe your EFS is corrupted, or you somehow erased it. If you are not sure about it, then simply follow the next guide to change you IMEI number. In most cases people loose their IMEI only and not the whole partition. Again, it may or may not work, so do this on your risk, and i am not to blame if anything bad happens, but if you do succeed, then don't forget to give me credit.

Note:
  • If your EFS is erased or corrupted, your IMEI and Baseband will be shown as unknown. In this case recover the EFS following this post, and then change the IMEI following the next post. If your IMEI is shown as 0, then you EFS is safe and most probably your IMEI is gone. In that case, no need to recover EFS, only change the IMEI number following my next post.
  • In TWRP, backup of kate wont show on kenzo and the backup up kenzo wont show on kate. In case no backup is shown even if you are using the right device, then try the dump flashing method or try changing the TWRP recovery.
  • Flashing this will only restore your EFS partition, but the IMEI will still be gone, so you will have to follow the next guide to change your IMEI.
  • Even after flashing a new EFS, you Mac and BT address will not recovery. The android system will assign a software generated address to both devices. Dont worry cause even without the EFS partition there will be a Mac and BT address assigned to your device and both the things will work normally.
  • If your Baseband is still unknown, even after flashing a new EFS, then try flashing latest radio file. It can be found in any firmware update package, either the official or the one from the strix.
1. Download the required files from the link given below.
2. Extract the Dump Backup files and flash them using the following commands.
Code:
fastboot flash modemst1 modemst1
fastboot flash modemst2 modemst2
3. Now reboot and voila you have you a new EFS partition at your disposal.



HI BRO, HI HAVE ONE PROBLEM TOO,.
AFTER I FLASH STOCK ROM, MI SIM CARD DON'T WORK AND DON'T ENTER IN SYSTEM.
WHTAS STEP I NEED USE ?! YOUR 1ST OR 2ND ?
SEE IMG
https://ibb.co/Lz57RnL
 

Top Liked Posts

  • There are no posts matching your filters.
  • 56
    This guide is for those who have lost their IMEI, have corrupted EFS, or erased EFS partition. So, follow these under your own risk, it may or may not work, and if something happens or doesn't happen, then i am not to blame. So, once again i will not take credit for bricked phones or something along those lines, however i will take full credit if this works for you. I will also provide assistance to those who could not restore their EFS following this guide.

    Before proceeding with this guide, backup what you have left. Use twrp to backup and in case something goes wrong and your problem escalates, you can restore using twrp backup.
    36
    Restore EFS

    Do this if and only if you believe your EFS is corrupted, or you somehow erased it. If you are not sure about it, then simply follow the next guide to change you IMEI number. In most cases people loose their IMEI only and not the whole partition. Again, it may or may not work, so do this on your risk, and i am not to blame if anything bad happens, but if you do succeed, then don't forget to give me credit.

    Note:
    • If your EFS is erased or corrupted, your IMEI and Baseband will be shown as unknown. In this case recover the EFS following this post, and then change the IMEI following the next post. If your IMEI is shown as 0, then you EFS is safe and most probably your IMEI is gone. In that case, no need to recover EFS, only change the IMEI number following my next post.
    • In TWRP, backup of kate wont show on kenzo and the backup up kenzo wont show on kate. In case no backup is shown even if you are using the right device, then try the dump flashing method or try changing the TWRP recovery.
    • Flashing this will only restore your EFS partition, but the IMEI will still be gone, so you will have to follow the next guide to change your IMEI.
    • Even after flashing a new EFS, you Mac and BT address will not recovery. The android system will assign a software generated address to both devices. Dont worry cause even without the EFS partition there will be a Mac and BT address assigned to your device and both the things will work normally.
    • If your Baseband is still unknown, even after flashing a new EFS, then try flashing latest radio file. It can be found in any firmware update package, either the official or the one from the strix.
    1. Download the required files from the link given below.
    • EFS Backup[Kenzo] - Contact me if someone has backup of this.
    • EFS Backup[Kate] - Contact me if someone has backup of this.
    2. Extract the Dump Backup files and flash them using the following commands.
    Code:
    fastboot flash modemst1 modemst1
    fastboot flash modemst2 modemst2
    3. Now reboot and voila you have you a new EFS partition at your disposal.
    31
    Change IMEI Number

    Requirements:
    • Root
    • USB Debugging is turn on
    • Windows Driver Signature is turned off
    • ADB and Fastboot Binary Files
    • Latest MiFlash Installed for the latest drivers
    1. Connect your device to pc and open the adb folder. Then open a command promt window.
    Code:
    >> [B]Shift + Right Click[/B] anywhere in the adb folder
    >> Click on [B]Open Command Window Here[/B]
    2. Type the following command to enable Diagnostics mode. Allow debugging if asked.
    Code:
    adb shell
    su
    setprop sys.usb.config diag,adb
    4. Download the IMEI Changer from the link given below.
    5. Now, open the imei changer, and enter imei number in both the fields. And click on start. After a moment it will show as passed. If it fails make sure that you have followed the points i stated.

    Note: Make sure that the driver in driver management under ports is listed as "Qualcom HS-USB Android DIAG 901D" and not as "Marshall London HS-USB Android DIAG 901D". If it is listed in any other name, then go to driver management and update driver. Select browse driver, then let me pick driver from a list. Then select "Qualcom HS-USB Android DIAG 901D" and then finish.
    2
    showing error as no diag even after typing those commands
    kindly help me

    At what part, the imei change or flashing.
    2
    Can't confirm. My EFS partition was so corrupted from trying other tutorials to restore my IMEI that I didn't even bother backing it up because I thought that it could have been changed already (tried writing to NVRAM with QPST). Since I don't have my original mac and bluetooth addresses written down anywhere (I haven't written them down myself and I don't think they are to be found anywhere on the box or on the phone) I think the only way to check it would be to compare my current addresses on the phone to the addresses contained in your EFS backup. Can you extract them so I can check if they match or not?
    The mac address and bluetooth address in the efs are my own. I only changed the imei so that no one else can copy it, i didnt know anyway to change mac address. Besides the mac address doesnt matter that much, and i dont think that we will ever be on the same wifi network.

    If you dont know then i can explain, that the mac address is required to maintain switches and broadcast in the router, so it technically does not matter.

    You can change it later with some apps or use it like that if you wish, if i find any way to restore you mac i will post it too. In the mean time just post a snapshot of wifi mac and bluetooth address so that i can compare them with my own.