Surprised not to see a mention of it yet in these forums... Lenovo has admitted preinstalling dangerous adware on many consumer machines sold between September and December 2014, called Superfish. Ostensibly it's just ad insertion crapware. However, the software installs a Root CA Certificate and acts as man-in-the-middle proxy, meaning that it can inject itself into your online banking and other HTTPS website usage. Better still, the root CA certificate only used 1024-bit encryption and the certificate password has already been cracked.
Lenovo don't seem to understand just how major a screw up this is, yet.
There's more information here:
http://www.kb.cert.org/vuls/id/529496
http://www.theregister.co.uk/2015/02...erfish_killer/ (this article also contains a list of the Lenovo models affected)
http://blog.erratasec.com/2015/02/ex...rtificate.html
Check if your Lenovo is one of the ones affected by visiting this website:
https://filippo.io/Badfish/ (this is a genuine link, listed in the CERT article linked above - visit it via that article if you don't trust me)