Unfortunately, the short answer is no.
If he has your username and password, I can't think of a single technique that would result in what you want to accomplish.
Normally you could just stop sharing a particular file, folder or drive, but unfortunately, all drives have a hidden administrative share, which is automatically recreated (even if you stop the administrative share) every time the server service is stopped and restarted or the computer is rebooted. So with this information and your username and password he can simply type
\\YourMachineName\C$ and gain access to just about everything on your pc. Under normal circumstances you could use an explicit deny to files or folders but unfortunately you would have to point the deny at your own username, so that wouldn't work either. I really don't think that there is a remedy available for your particular situation, but would be very interested in any other member's thoughts on the issue.