In any case, this incident is a great example of why you should never execute unsolicited applications from the Internet. If your browser downloads a file after you click a Facebook notification, it should raise immediate red flags. The user on Stack Exchange did the right thing by investigating the file first and then asking for help from experts.
You should also keep your browser and all of its extensions fully updated with the latest patches. While this attack’s delivery method was relatively unsophisticated, that’s not always the case. A more motivated attacker may have tried to exploit known browser vulnerabilities to auto-execute the malware and compromise the would-be victim’s computer before they even knew what hit them. –Marc Laliberte