Try this Microsoft Product…MSRT
http://www.microsoft.com/security/malwareremove/default.mspx

Visit this link and download the tool. You can also check your system online.

There are different variants of sasser and the following tool removes the sasser variants from A to F.

Sasser (A-F) Worm Removal Tool (KB841720) >> http://www.microsoft.com/downloads/details.aspx?familyid=76C6DE7E-1B6B-4FC3-90D4-9FA42D14CC17&displaylang=en

Are you doing network install ??

Are you installing the XP on a clean disk or only on the os partition one ?

Also you can download the windows anti-spyware, free ad-aware software and other such tools to avoid the further attacks.

I will always suggest to do a clean install on all the pratitions , if it is possible, to avoid any kind of viruses and install the antiviruses before running any
applications

After you install the 835732 (MS04-011) security update on a computer that is already infected with the Sasser worm, the computer may continue to generate network traffic on the affected Transmission Control Protocol (TCP) ports to try to spread the worm infection to other vulnerable computers. If your computer is infected with the Sasser worm, you may experience one or more of the following symptoms:
Your computer performance is decreased or your network connection is slow.
You may see a dialog box that contains text that refers to LSA Shell.
Your computer may restart every few minutes without user input.
It is also possible that you will not notice any symptoms of infection. For example, the second and third symptoms may not occur on infected computers that have the 835732 security update installed, although the computer is still infected and is still spreading the worm to other computers.

For more information about the 835732 security update, visit the following Microsoft Web s