Did you select to encrypt system partition or entire HD? Is your D drive a different physical hard drive? Yes they can get the key required to decrypt your truecrypt drive if they have access to your machine while it is in its decrypted state. Yes they could possibly get the key even if you use a USB drive, for example if it is swapped out from memory to the HD. There are a few ways that you can make a high probability guess that someone has a hidden volume, but afaik there is mathematic security against this (meaning in theory they can't tell you have a hidden volume, but using data leaked to the OS or other things, they will probably be able to determine that you probably have a hidden volume). Fuck if I know, how many drives do you have tell me the configuration of your machine and which Truecrypt options you used.