
Sunday, August 5, 2012

how to repair totally damaged s1 android phones based on msm7227, qsd8250, using alternative security bypass with testpoint

okay, here is an example of how to resurrect a totally dead x10 phone.
so, we have an x10 phone with totally erased semcboot and trim area.
the phone does not turn on and does not connect to a pc in any way.

let's resurrect it.

run setool2, select x10 as model, select com port as interface
( the one where the GPG resurrection cables are connected )

1. in options, set signed mode, altbypass mode, use testpoint (gnd type)

2. connect the GPG x10 resurrection cradle to the phone, press RECOVERY, and follow the program instructions.

important notice:
for msm7227 phones, insert the battery in the phone after you have attached the testpoint.

btw, as the phone has erased semcboot, you do not need to apply the testpoint this time.
however, that is a very special case, so for simplicity let's apply the testpoint every time.

here is operation output:

Code:


SIGNED MODE (USING SERVER)
ALTERNATIVE SECURITY BYPASS ENABLED
CFG:110010000010
 
DETACH USB CABLE FROM PHONE
REMOVE BATTERY FROM PHONE
ATTACH TESTPOINT
ATTACH USB CABLE TO PHONE,THEN PRESS "READY"
 
PROCESSING ...
REMOVE TESTPOINT NOW, THEN PRESS "READY"
 
RUNNING S1_LOADER VER "R4A024"
SWITCHING TO "USB" ...
PLEASE ATTACH TURNED OFF PHONE NOW
 
RUNNING S1_LOADER VER "R4A024"
LOADER AID: 0001
FLASH ID: "002C/00B3"
LOADER VERSION: "r4A024"
 
 
WRITING SEMCBOOT ...
Checking TA ...
MINOR ERROR [ MISC_CLASS: MISC_ERROR, TA_set_config_failed ]
Writing config ...
MINOR ERROR [ MISC_CLASS: MISC_ERROR, TA_invalid,_format_may_be_required ]
Formatting ...
Checking MISC TA ...
MINOR ERROR [ MISC_CLASS: MISC_ERROR, TA_invalid,_format_may_be_required ]
Writing config ...
MINOR ERROR [ MISC_CLASS: MISC_ERROR, TA_invalid,_format_may_be_required ]
Formatting ...
SUCCESS

now we have recovered semcboot and prepared the trim area for loading.
if the phone only had erased semcboot, it will already work after that step.
but our phone is TOTALLY damaged, so let's proceed with the second step:

we now need to load the trim area.

options are the same as for step 1 + "format gdfs when writing" checked,
select x10.zip in misc.edit and press "write gdfs".
( any trim area read from a live phone of the corresponding model will work )
follow the program instructions.

here is operation output:


Code:

SIGNED MODE (USING SERVER)
ALTERNATIVE SECURITY BYPASS ENABLED
CFG:110010000110
Will write GDFS now.
 
DETACH USB CABLE FROM PHONE
REMOVE BATTERY FROM PHONE
ATTACH TESTPOINT
ATTACH USB CABLE TO PHONE,THEN PRESS "READY"
 
PROCESSING ...
REMOVE TESTPOINT NOW, THEN PRESS "READY"
 
RUNNING S1_LOADER VER "R4A024"
SWITCHING TO "USB" ...
PLEASE ATTACH TURNED OFF PHONE NOW
 
RUNNING S1_LOADER VER "R4A024"
LOADER AID: 0001
FLASH ID: "002C/00B3"
LOADER VERSION: "r4A024"
 
Can't get IMEI
will write 1010 units
done
will write 53 units
done
Phone detached
Elapsed: 23 secs.

finally, we need to rebuild imei and security zone.
for that, check the same options as for step 1 + "do full unlock instead of usercode reset", "allow to change imei when unlocking" checked,
press "unlock/repair", follow the program instructions.

here is operation output:


Code:


THAT ACTION IS ILLEGAL,IF YOU DOING IT
FOR ANY PURPOSE, OTHER THAN REPAIR PHONE
 
SIGNED MODE (USING SERVER)
ALTERNATIVE SECURITY BYPASS ENABLED
CFG:110010010010
 
DETACH USB CABLE FROM PHONE
REMOVE BATTERY FROM PHONE
ATTACH TESTPOINT
ATTACH USB CABLE TO PHONE,THEN PRESS "READY"
 
PROCESSING ...
REMOVE TESTPOINT NOW, THEN PRESS "READY"
 
RUNNING S1_LOADER VER "R4A024"
SWITCHING TO "USB" ...
PLEASE ATTACH TURNED OFF PHONE NOW
 
RUNNING S1_LOADER VER "R4A024"
LOADER AID: 0001
FLASH ID: "002C/00B3"
LOADER VERSION: "r4A024"
 
Can't get IMEI
REQUESTED : 359419030xxxxx
Checking for HWConfig ...
Waiting for calculation process ...
RESPONSE: "SUCCESS" [826]
Checking for signature ...
signature found, skipping calculation
WRITING SEMCBOOT ...
WRITING HWCONFIG ...
Unlock DONE
Elapsed: 20 secs.

from now on, the phone is fully repaired and the testpoint cradle is not needed.
reflash the phone with any suitable firmware.