Non-clickable is change https with htxps!
For general insecurities see here: https://asafaweb.com/Scan?Url=https%3A%2F%2Fapps.facebook.com
Cannot establish anything via: http://app.webinspector.com/public/reports/19414541
There are various problems with xss and x-content, cache-control and cookie security option settings!
Site check here seems OK: http://www.networking4all.com/nl/helpdesk/tools/site+check/report/?fqdn=https%3A%2F%2Fapps.facebook.com%2Fplaygembackgammon%2F%3F&protocol=https

Maybe you need a qualified removal expert here to establish if you haven’t been in contact with malcode!
The generic malcode launched from IP seems to have been closed: http://support.clean-mx.de/clean-mx/viruses.php?sort=firstseen%20desc&review=69.171.237.20
http://support.clean-mx.de/clean-mx/view_virusescontent.php?url=http%3A%2F%2F69.171.237.20

polonus