# Archos 50 Cesium/Bush Eluma B2 - any hope?



## tonemapped (May 6, 2016)

This is my first modern Windows Mobile (I used Windows Mobile 11 years a go) and it seems Microsoft was crippled the operating system. 

*Model:* Bush Eluma, Windows 10 native (rebranded Archos 50 Cesium)

*Specification:* 

Snapdragon 210
Adreno 304
1 GB RAM
16GB ROM
MicroSD support up to 128GB
5" 720x1280 IPS screen
4G LTE
WIFI/Bluetooth/GPS
8MP rear/2MP front with flash
2100mAh battery

*Spec. Sheet:* archos [dot] com/corporate/press/press_releases/EN_ARCHOS_50Cesium_50eHelium.pdf

*What I'm trying to do:* Interop-unlock

*What I've managed to do:* Deploy apps, such as Root Tool and vcREG

*Where I'm stuck:* Setting the value for my model of phone - I have no idea where to look

I hope I've provided information in a clear format. I'd very much appreciate some help or feedback in order to interop-unlock this model

System\Platform\DeviceTargetingInfo
PhoneManufacturer
Value = "True" (I think this used to just say "ARCHOS")

Thank you for reading.


----------



## mackye (Sep 27, 2017)

Was there any progress made with this?  Looking to interop unlock phone too so any help would be great


----------



## dxdy (Sep 27, 2017)

you tried this?
https://forum.xda-developers.com/windows-10-mobile/acer-liquid-jade-primo-upgrade-to-au-cu-t3589156


----------



## mackye (Oct 6, 2017)

Worked a treat! Thanks a lot.


----------



## nate0 (Oct 11, 2018)

user154 said:


> Sorry to kinda hijack this thread, but I have this device and struggling to find any other owners. My understanding is that the archos 50 cesium is the windows version of the 50e helium. I have an emmc dump of the 50e helium, if you cant already tell where im going with this, I want to flash this dump to my eluma b2 but cant get qfil or thor2 to do this. Can anyone help? or even know if this is possible?

Click to collapse



I say just enjoy the W10 phone while you can, or if you really want Android, go buy that model online some where.

It is not as simple as it sounds.  You would need at least a flash programmer for the SoC in that phone which usually the manufacturers never release.  Depending on the format of the dump you might need other flashers or files to understand how the Archos 50 eMMC is structured or to utilize them in the flashing process.  You would also want to be able to put the phone into EDL mode.  If you can manage to even boot the flash programmer and initialize a flash of the phone there is also high risk of bricking it.  Because you would be flashing partitions that were not signed for that phone/SoC.  So I am not sure if you would also need to unlock the boot loader on it or not...sounds like you would.  IMO it would be best to unlock the bootloader so you can backup the current layout of the phone.  This as far as I know is not possible, so I would just stop there.

I know there are some threads in other forums where they are trying to do this with the IDOL 4s, and maybe a couple devices in the past have worked out to be able to do this.  However it pretty much hinges on unlocking the boot loader.  Also from what I know once you flash it like that and even if device survives (it boots, the IMEI is in tact, etc.) you cannot revert it back or it is pretty much impossible to go back without bricking it.


----------



## nate0 (Oct 11, 2018)

user154 said:


> It doesnt really matter if the device is rendered unusable, it is quite a long way down the list of backup devices I have, it was more for the fun of trying to do it. The device is the exact same as its android counterpart (hardware wise) this is what made me think it should theoretically be possible. The dump I have was made with infinitybox, I have managed to create the required rawprogram.xml and patch.xml from the gpt binary contained within the dump. I have also found a couple of flash programmers for the soc (prog_emmc_firehose_8909.mbn, and a couple of manufacturer specific ones, pretty sure iv got the filename slightly wrong there). I have been able to boot the device to EDL mode using a cable, however sahara fails to load the flash programmer to the device. I didnt think the bootloader would need to be unlocked to flash the device seeing as the device is in EDL mode and what Im trying to flash is signed as is just the dump from the android counterpart. Maybe this is where im going wrong. Also Im working on the assumption the IMEI will be wiped as I plan to flash persist.img from dump too, I thought trying to keep the partition where it is stored in windows 10 and repartition the rest of the emmc to the same as the android counterpart might make things more complicated than they already are. Also IMEI can sometimes be quite simple to repair on certain devices (A lot more simple than what Im trying to acheieve here anyway). Can you point me in the right direction as to where I can find instructions to unlock the bootloader of this device? for some reason it doesnt get recognised by wpinternals (In any mode, EDL, standard flash mode, no idea what thats called on windows haha, or booted normally)

Click to collapse



Sounds like you're on the right path. I'm not 100% sure you need to unlock the boot loader, however it would definitely make things easier as you could dump partitions from the phone as it is and even possibly enable mass storage mode.  I am unsure where you would look to unlock that phones boot loader other than here.  The flash programmers you have may not be built for the Windows Phone eMMC and why they are not booting.


----------



## JoachimP (Oct 25, 2018)

Hi, this is quite interesting for me as I am struggling with 2 Cesium 40 devices stuck in Qualcomm download mode. I thought I managed to extract msimage.mbn and hex binary file from ffu, converted the hex file to hex.hex and added first and last-but-one lines. Although there was no way to escape from Qualcomm mode. Thor recognizes the Qualcomm deveices, but tells me to stop QFIL operations, even if there is no QFIL. Any ideas?


----------



## nate0 (Oct 28, 2018)

JoachimP said:


> Hi, this is quite interesting for me as I am struggling with 2 Cesium 40 devices stuck in Qualcomm download mode. I thought I managed to extract msimage.mbn and hex binary file from ffu, converted the hex file to hex.hex and added first and last-but-one lines. Although there was no way to escape from Qualcomm mode. Thor recognizes the Qualcomm deveices, but tells me to stop QFIL operations, even if there is no QFIL. Any ideas?

Click to collapse



If you have qpst/qfil installed on your PC, and have used them recently. The services might still be running. Just hunt for them in task manager and kill them and run thor2 again.  See if that helps.


----------



## gbapk007 (Oct 29, 2018)

Worked a treat! Much obliged.


----------



## JoachimP (Oct 31, 2018)

@nate0
Hi, thanks for your reply. I am nearly sure, I uninstalled QFIL and shutdown my pc after use, but I will check on it.


----------



## JoachimP (Nov 14, 2018)

So I uninstalled QFIL and rebooted. This is the result:
C:\Program Files\Microsoft Care Suite\Windows Device Recovery Tool>thor2 -mode list_connections
THOR2 1.8.2.18
Built for Windows @ 13:36:46 Jun 16 2015
Thor2 is running on Windows of version 6.2
thor2 -mode list_connections
Process started Wed Nov 14 08:48:16 2018
Logging to file C:\Users\me\AppData\Local\Temp\thor2_win_20181114084816_ThreadId-4796.log
Debugging enabled for  listconnections

WinUSB in use.
Connection list START
0.1A07:0004:0004        {71de994d-8b7c-43db-a27e-2ae7cd579a0c}   Emergency mode connected
Connection list END

Exited with success

C:\Program Files\Microsoft Care Suite\Windows Device Recovery Tool>thor2 -mode emergency -hexfile cesium\hex.hex -mbnfile cesium\prog_emmc_firehose_8x10.mbn -ffufile cesium\flash_retail.ffu
THOR2 1.8.2.18
Built for Windows @ 13:36:46 Jun 16 2015
Thor2 is running on Windows of version 6.2
thor2 -mode emergency -hexfile cesium\hex.hex -mbnfile cesium\prog_emmc_firehose_8x10.mbn -ffufile cesium\flash_retail.ffu
Process started Wed Nov 14 08:48:52 2018
Logging to file C:\Users\me\AppData\Local\Temp\thor2_win_20181114084852_ThreadId-7500.log
Debugging enabled for  emergency

Initiating emergency download
Using default emergency protocol
ALPHA EMERGENCY FLASH START
Emergency Programmer V1 version 2014.10.31.001
Hex download selected
Check if device in Dload
Message send failed with error code -1
Waiting connection to DLOAD: 2 of 2
Check if device in Dload
Message send failed with error code -1
Failed to connect to DLOAD mode
Make sure that the COM port is free. Close QPST.
ALPHA EMERGENCY FLASH END
Emergency messaging closed successfully
Operation took about 8.00 seconds.

THOR2_EMERGENCYFLASHV1_ERROR_PROGRAMMER_SEND_FAILED

THOR2 1.8.2.18 exited with error code 85030 (0x14C26)

Any suggestions?


----------

