Forcible termination of lsass.exe will result in the Welcome screen losing its accounts, prompting a restart of the machine. "lsass.exe" is the Local Security Authentication Server. lsass verifies the validity of user logons to your PC or server. it generates the process responsible for authenticating users for the Winlogon service. This is performed by using authentication packages such as the default, Msgina.dll (note: GINA is used in Windows XP, but is replaced with the Credential Provider system in Vista and 7). If authentication is successful, Lsass generates the user's access token, which is used to launch the initial shell. Other processes that the user initiates then inherit this token. http://www.neuber.com/taskmanager/process/lsass.exe.html
Because lsass.exe is a crucial system file, its name is often faked by malware. The lsass.exe file used by Windows is located in the folder C:\Windows\System32. If it is running from any other location, that lsass.exe is most likely a virus, spyware, trojan or worm.