Posts tagged S-Off
This is how you return a G2 back to stock firmware. In order to do this you need to have radio S-OFF. Also make sure that gfree_verify returns secu_flag = 0 before following the steps outlined below.
1. First check to see if your main version is higher than 1.19.531.1
If the current main version is higher than what you want to install you have to change the main version number in the misc partition. To do this you can use misc_version..
download the file and extract it. In a command prompt type the following from the misc_directory:
c:\> adb push misc_version /data/local/tmp/misc_version
c:\> adb shell chmod 777 /data/local/tmp/misc_version
c:\> adb shell
# /data/local/tmp/misc_version -s 1.19.531.1
The above commands create a backup pf the misc partition 17 on the sd card with the name “part17xxxxx.bin”
2. Next install the stock G2 rom called
“PC10IMG_Vision_TMOUS_1.19.531.1_Radio_12.21.60.09b_26.02.01.15_M2_release_149459_signed.zip” you can Google this and download it from many different websites. Again go to the directory where you downloaded the file and type the following:
c:\> adb push PC10IMG_Vision_TMOUS_1.19.531.1_Radio_12.21.60.09b_26.02.01.15_M2_release_149459_signed.zip /sdcard/PC10IMG.zip
Shutdown the phone and remove it from the computer. Next, boot into hboot by holding “volume down” and “power”. The hboot should automatically load the PC10IMG.zip and ask you to update. Press “volume up” to start the update process. The screen goes dim for a little but will come back up and complete the process. This process will replace fake S-Off engineering hboot.
3. Radio S-ON and original CID
The 2 ways to get radio S-ON and the original CID are:
a. Restore the backup of your partition 7. This will set secu_flag = 1 and CID = T-MOB010 and will also bring back the SIM-lock data.
b. Use gfree to set secu_flag = 1 and CID = T-MOB010.
Both scenerios require you to use temporary root. To do this you can use psneuter
Gaining temporary root:
Since you loaded the stock ROM you must now re-enable debugging on the phone. Go to “Applications -> Development” and check “USB debugging”.
Next go to the directory of the psneuter command you downloaded and type:
c:\> adb push psneuter /data/local/tmp/psneuter
c:\> adb shell chmod 777 /data/local/tmp/psneuter
c:\> adb shell /data/local/tmp/psneuter
c:\> adb shell
you should now have temporary root denoted by the # prompt
3. Use gfree to get radio S-ON and the original CID
If you lost your partition 7 backup or you do not want to restore the simlock data you can use the -c and -s options of gfree to set the CID and the S-ON flag.
ON YOUR PC:
Get gfree_06.zip that is attached to this page .
Unzip gfree_06.zip to a place on your computer. Open a terminal or command window, navigate to where the files are on your computer, and type:
c:\> adb push gfree /data/local/tmp/gfree
c:\> adb shell chmod 777 /data/local/tmp/gfree
gfree should now be in your phone at /data/local/tmp
IN THE ROOT SHELL (in the first terminal/command) : Now run:
# /data/local/tmp/gfree -s on -c T-MOB010
Remove the PC10IMG.zip and the tools from the phone
# rm /sdcard/PC10IMG.zip
# rm /data/local/tmp/psneuter
# rm /data/local/tmp/gfree
Disconnect your phone from USB and power it down.
Boot into hboot by holdingwhile powering on.
The heading should now read: “VISION PVT SHIP S-ON”