i don't care what they put on the default windows partition (i replace it on arrival) and the uefi issue was a production mistake where they imaged with a nonproduction image.
they're still used widely by serious people in academia, open source and security sensitive industry.
i suspect a lot of the bad press they get comes from the fact that there's a lot of very sharp eyes making use of their gear and that similar issues happen in other lines but just go unnoticed.
if you're truly paranoid, a pine arm machine or fully open source risc-v may be your jam. everything else is going to be loaded up with proprietary blobs everywhere along with overcomplicated supply chains and overzealous marketing departments cross selling adware onto that default image you should be tossing anyway.
No, it's really just them. They worked hard to earn that bad press. It's not even that they keep pre-installing malware, but how they've handled it when they're caught speaks volumes.
When the truth about superfish came out first they fiercely denied there was any security risk to anyone ("we have thoroughly investigated this technology and do not find any evidence to substantiate security concerns”), then eventually they admitted it was a problem and said they'd stop shipping devices infected by it, but continued to anyway more than a month later (https://arstechnica.netblogpro.com/information-technology/20...) and the instructions they gave users for removing the offending software still left systems vulnerable while giving people a false sense of security. When they were caught doing that they issued new instructions and those still left users vulnerable!! (https://www.theguardian.com/technology/2015/feb/20/lenovo-ap...)