Yah, that could be the problem, or he got himself a trojan & his anti-virus is not picking it up.
For a try i would turn off the system restore, empty out the pre-fetch folder, and reboot to safe mode.
If you get an error while trying to boot to safe mode, just reboot again, then it should boot ok.
When you empty the pre-fetch folder, it resets it....So
if you try to go to safe mode after doing this, you might get the error mess. but it's ok...cause it will only happen once.
Now that your in safe mode run all you spyware prog.
then do a defrag of the hhd...