View Full Version : How to fix your ROM 10 with BD0 @ 00000's


eynestyne
03-27-2005, 09:16 PM
If you have a ROM 10 with a screwed-up BD0, i.e. -> 0000000, then d/l the attached file, load it in Nagra edit D2C section and run it.

eynestyne
03-27-2005, 09:22 PM
OK seems like the file was not attached
Paste this in the D2C section and run it:

; Restore BD0 via CMD03 overflow, for provider 0001
; This script will reset the BD0 to the Nipper string:
; New BD0: 4E 69 70 50 45 72 20 49 73 20 61 20 62 75 54 74

rs ; Reset card and get ATR
tx 21 00 34 A0 CA 00 00 2E 03 2C 00 C5 10 6F 15 AE 10 D6 C0 A1 E7 AF 5A B9 B4 D7 81 7B 99 BC B0 70 95 47 4D 99 A0 24 3B 4D F7 27 77 CC 58 9E C6 0F D5 5C AC 71 51 E9 C9 ** ; Send overflow CMD03
dl 0100 ; Delay 256ms
rx ; Receive card response
cp .. .. .. 83 03 B1 01 01 90 00 .. ; Compare with this response
jf BadProvider ; If it doesn't match, wrong provider or damaged dataspace
tx 21 00 08 A0 CA 00 00 02 C0 00 06 ** ; Send CMDC0
dl 0100 ; Delay ~250ms
rx ; Receive card response
tx 21 82 00 ** ; Send followup command to execute payload
dl 0700 ; Delay ~1800ms
rx 0004 ; Receive first four bytes of response
rx ; Receive response we should receive if payload executed
cp .. .. .. 67 00 .. ; Compare with 67 00 response (sent by payload)
js Success ; If we got 67 00 response, code executed and BD0 is restored
mg BD0.NOT.RESTORED! ; Otherwise something went wrong
jp Done

:Success
mg !!!!!!........BD0.SUCCESSFULLY.RESTORED........!!!!!!
mg !!!!!!.....NEW.BD0...4E697050457220497320612062755474
jp Done

:BadProvider
mg !!..ERROR...WRONG.PROVIDER....(NOT.0001)!!

:Done

anthony101
03-27-2005, 09:56 PM
What part do we cut and paste? All of it or the first 3 lines?

Animal99
03-28-2005, 06:32 AM
This worked perfectly on my ROM 10! Thanks so much!!
Animal99

av8wkr1469
03-29-2005, 02:52 AM
Can someone please explain the D2C part? How do I run this?
Thanks

thekiss777
03-29-2005, 11:55 AM
I tried your script; here is what I got:

RX: 3F FF 95 00 FF 91 81 71 A0 47 00 44 4E 41 53 50
30 31 30 20 52 65 76 41 32 33 4B
TX: 21 00 34 A0 CA 00 00 2E 03 2C 00 C5 10 6F 15 AE
10 D6 C0 A1 E7 AF 5A B9 B4 D7 81 7B 99 BC B0 70
95 47 4D 99 A0 24 3B 4D F7 27 77 CC 58 9E C6 0F
D5 5C AC 71 51 E9 C9 BA
TX: 21 00 08 A0 CA 00 00 02 C0 00 06 87
TX: 21 82 00 A3
RX: 12 00 01 00
RX: 13
The first part, when I got the 21 82 00 A3, I got really excited, but as you can see I ended up at 13.

Needless to say I am still in the dark.

I tried the viagra 10 thing and the camwieser thing; can only get xx = 28, will not go to 29, and the provider says it's a 8001. Anyway, this card is not locked, just missing BDO3 BDO 0.

I did a dump of the EEPROM and C40 C50 C60 C70, all of them ooooooooooooo, but my password is still at C600, which is weird. But when I try to log in to the card, here is what happens:

Opening of COM1 was successful
ATR String: 3F FF 95 00 FF 91 81 71 A0 47 00 44 4E 41 53 50
30 31 30 20 52 65 76 41 32 33 4B
ROM Revision: 010
EEPROM Revision: RevA23
ProviderID: 00
CamID: xxxxxxxx
Using BD3 Key: 4E 69 70 50 45 72 20 49 73 20 61 20 62 75 54 74
Attempting to login to BD3
BD3 login failed
Reading ROM10 failed
Closing of COM1 was successful
What would you do??? And yes, I did put in the password
Opening of COM1 was successful
Removing card lock
Closing of COM1 was successful
Bad password or BackDoor not present
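
Added example, not part of the thread: the TX/RX lines in the log above are ISO 7816-3 T=1 blocks (NAD, PCB, LEN, INF, one check byte), and this Python sketch reassembles and decodes them when reading such a trace. It assumes the check byte is the XOR LRC, which the logged frames are consistent with; the names T1Block, lrc and parse_block are made up for the example.

```python
from dataclasses import dataclass


@dataclass
class T1Block:
    nad: int       # node address: source in low nibble, destination in high
    pcb: int       # protocol control byte (selects I-, R- or S-block)
    inf: bytes     # information field, LEN bytes long
    lrc_ok: bool   # True when the trailing check byte matches

    @property
    def kind(self) -> str:
        if self.pcb & 0x80 == 0:
            return "I"                          # information block
        return "S" if self.pcb & 0x40 else "R"  # supervisory / receive-ready


def lrc(data: bytes) -> int:
    """XOR of all bytes (assumption: LRC, not CRC, is the check in use)."""
    value = 0
    for byte in data:
        value ^= byte
    return value


def parse_block(*chunks: str) -> T1Block:
    """Join hex chunks (a log may split one block over several RX lines)."""
    raw = bytes.fromhex(" ".join(chunks))
    if len(raw) < 4 or len(raw) != raw[2] + 4:
        raise ValueError("length does not match the LEN byte")
    return T1Block(raw[0], raw[1], raw[3:-1], lrc(raw[:-1]) == raw[-1])


# Short frames copied from the log in the post above.
SAMPLES = {
    "TX CMDC0": ("21 00 08 A0 CA 00 00 02 C0 00 06 87",),
    "TX followup": ("21 82 00 A3",),
    "RX reply": ("12 00 01 00", "13"),   # logged as two RX lines
}

if __name__ == "__main__":
    for name, chunks in SAMPLES.items():
        b = parse_block(*chunks)
        print(f"{name}: {b.kind}-block NAD={b.nad:02X} "
              f"INF={b.inf.hex(' ')} LRC ok={b.lrc_ok}")
```

Read this way, the trailing 13 in the log is the check byte of a reply block whose information field is the single byte 00.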