For word list construction I would suggest using your favorite word list maker and use it to mangle the variables "&l0!a$a$=u". Take this list and parse it with your known chars "H?5?k?@?W?z?9?O?*?#?5?" inserting your known chars between every other bit. You will probably need to create some script or program to do this, I doubt it would be too difficult but I haven't attempted to try this before so who knows. :-)
You could look at the password from a slightly different perspective and perhaps narrow things down by crafting your word list using meta-information gleaned from what you can deduce based on observation of the password.
Look for patterns and repetition, for instance, 5 is used twice once at the beginning of the PW and again at the end. $ is also used twice. I would make a bet that the pattern is significant, and in a misguided attempt to make the PW more secure, whoever made it tried to keep from repeating characters. This means that the $s are probably far away from each other and therefore close to the 5s.
H?5?k?@?W?z?9?O?*?#?5?: 5s at opposite ends
&l0!a$a$=u: as' and $s probably also at opposite ends.
There seems to be another pattern, in order to create a more secure PW your friend used different cases and symbols (good) it also looks like he was fairly deterministic in his use of the shift key (bad) lets look at the pattern of use. (+=shift up, -=shift down)
H?5?k?@?W?z?9?O?*?#?5? looks like -?+?+?-?-?+?+?-?-?-?+?
&l0!a$a$=u looks like - + + - + - + - + +
Just using my own preferences as a guide, I know I like to alternate holding down the shift key and pressing a key making me more inclined to use a +-+-+- pattern a#6Bm! and by the even distribution of + to - in your password (11+s to 10-s) id say that your friend did something similar.
Finally lets look at the physical layout of key distribution. For this we need to make a few assumptions. I am betting your friend used a typical 108 char US keyboard with a number strip across the top. He is also a good typist (who works in IT and isn't? :-) and is right handed. Ill split the keyboard into zones
A B C D Formatting is a little off, A over 123, B over 456, etc.
H?5?k?@?W?z?9?O?*?#?5? becomes 3B,?,1B,?,3C,?,1A,?,2A,?,4A,?,1C,?,2C,?,1C,?,1A,?, 1B,?
&l0!a$a$=u becomes 1C,3C,1D,1A,3A,1B,3A,1B,1D,2C
Seeing some patterns popping up in there yet? Combine this with what you know about shift key distribution, and dual character distribution, add a dash of common sense and put it all together. Id probably get shot by a statistician or cryptanalysis expert for saying this, but if you can see the patterns you can "feel out" the password based on what you know about human nature. Im not saying that you can guess the answer off the top of your head by doing this, but its really the only good way I've found to tackle these behemoth 20-60 key PWs people seem so fond of today. If you can increase the chances of getting the PW by even a few % through analysis you can save hours cracking small PWs and shave months off the big ones.