The Conficker worm, the Facebook virus Koobface and the smartphone virus Sexy View' have been the biggest security threats so far this year, according to F-Secure.
The security vendor said that the Conficker virus had been the prominent classic worm', with heavy encryption, peer-to-peer functionality and the ability to convert itself and update itself.
Conficker began, to become a serious threat earlier this year, with hype peaking on 1 April.
Since then, researchers have noted a copycat worm called Neeris, which has taken over some of Conficker's functionality.
"The authors behind Conficker are professionals," Mikko Hyponnen, F-Secure's chief research officer said in a statement. "They have infected millions of computers, and could do anything they wanted with them.
"The mystery is why they haven't done that. Not yet, anyway."
F-Secure said the second biggest threat of the first quarter of 2009 was the Koobface' worm, which spread on Facebook and other social networking sites to steal login credentials.
Microsoft recently shared details about how it worked with Facebook to get rid of the worm using its Malicious Software Removal Tool (MSRT).
Microsoft Malware Protection Centre principle program group manager Jeff Williams said last week that the tool had removed Koobface 200,000 times from over 133,677 computers in more than 140 different countries.
The third biggest threat was Sexy View', the very first SMS worm, which was a social engineering virus using the stored contacts of a smartphone to spread.
Hypponen said: "It's also the first mobile phone worm that circumvents the signature checks that are meant to secure the latest smartphones."
Cleo attack victim list grows as Hertz confirms customer data stolen
Lateral moves in tech: Why leaders should support employee mobility
