It appears that Lenovo has preinstalled a program from the factory called SuperFish. It is a spyware program to preload ads in your searches but it also has the ability to transmit private data from your secure https links such as what you use for banking and online purchases and other links over secure connections. They have a removal tool available for this, but a clean install of windows and a format of the drive may be in order to remove it. And is there anything in the bios to reload this in the background? Who knows.
Here is a link to see if you are vulnerable with this software.https://filippo.io/Badfish/