In the future, when you schedule a dts package as a job - say using dtsrunui, simply don't check "encrypt" when you generate the command string.  Or create the string manually in EM.  Don't right click on the package to schedule - that always creates an encrypted command string.  If that is the reason that you have encrypted command strings in the first place, then you may be in luck - because the name of the dts package being executed will be in the name field of sysjobsteps unless someone manually changed the name of the step.  But that's a pretty big leap of faith. I don't think you should be able to decrypt the string once encrypted.  I guess that's kind of the point, eh?  Given that that is the case, you can't prove that a dtsrun command really does what you say it does unless you re-write it yourself without encryption.  Sure it's a hassle but it's probably the right thing to do.