Before you direct me to HP support (who has already offered me Disktech), please hear me out. I have what I think is a potentially unique situation.
My HP 2560p has a 160G SSD drive, currently with 3 partitions: a boot partition (unencrypted), a Windows 7 partition (encrypted), and an HP_TOOLS partition (also unencrypted). A few days ago I accidentally pulled the battery (it's actually easier than you think) while Windows was shutting down (during updates).
Before I go further, I should say that I do not have the original recovery encryption key. But I think I do have a glimmer of a chance.
When I power on, I get a quick peek at the McAfee Endpoint Encryption 6.1 identifier in the upper left corner, and then a login screen with Drive Encryption for HP ProtectTools. Here is the thing: I can still get past this screen using my password or fingerprint.
I am now presented with the bootloader screen with a Windows 7 entry. I can select advanced boot options from here, such as safe mode. In Safe Mode I can see a bunch of drivers getting loaded until I get to CLASSPNP.SYS, at which point I get a BSOD.
My primary question is this: are those drivers being loaded from the encrypted partition? It seems that they must because they don't exist on the boot partition. If they are coming from the encrypted partition, does it mean they are being decrypted on the fly, and if so, what's doing the decryption, some kind of early boot kernel driver?
Finally, if my previous statements are correct, am I totally grasping at straws if I believe there must be some way to interrupt the boot process (perhaps via kernel debugging) and obtain access to the Windows partition? I realize that this is what we're trying to prevent, but it seems like it should be possible if I were to e.g., duplicate my environment in a VM and utilize privileged code in the hypervisor to dip into the VM's memory.
Everybody has their nightmare stories here, and I know I'm asking a lot, but I wouldn't have asked if I didn't have some really important stuff on that hard drive (such as all my tax prep for 2012, some scans of recently discovered 120-yr old family photos, etc).
Thanks in advance to all of you.