Internet e-fax virus

I did a stupid thing at work. I am not an IT professional, just a user. Working quickly and not thinking too hard about it, I clicked on a zip file attachment in an e-mail message that said I received a fax. I had previously used an efax service before and I was expecting some people to send me documents, so I wasn't totally paying attention to the particular message I received and tried to open the file. It turned out to be a viagra advertisement. I can live with that by itself, but then it started sending multiple messages to everyone in my contact list. So now I'm in the dog house with my IT manager, who spent the better part of Friday reformatting several computers at work. My research tells me this efax virus hoax was circulating a lot around the fall of 2012. So my real question is, why didn't Norton Security block this message or provide an alert?  I did receive a message after I unleashed the animal, but by then it's too late. We immediately disconnected from the network, but the damage had been done. One of my co-workers was alerted to it and didn't even open the messages sent to her by my computer, but her computer received a couple dozen messages from me, and had to be reformatted (according to the IT manager). Do these things mutate so they can't be detected?  Thanks for any additional information.