Like most other malware, it is known to pick random filenames when installing its components, to make them difficult to find and remove. And yes, it can sometimes "grow back" things you have deleted.
Some of the more virulent varieties require a reboot in safe mode to pull out the bits.
It has a lot of variations, I suspect the producers of the app have business arrangements with some of their clients, on a "find a creative way to install us and keep us installed and we'll pay you more" basis, and that's lead to an unusually large number of creative and persistent varieties of installations.
Not all web pages that push it are in on the joke though. Most ad banner pushing services have a rotating and changing catalog of ads, you don't see the same ad in the same spot on the page every time you load it. Businesses buy slots from the advertisers and get themselves into the rotation, and are billed by the number of "impressions" they are given - i.e. the number of times your ad is displayed on someone's screen. The advertisers have little incentive to police their ads because they're making money displaying them, malware isn't affecting their client (the web site) or their other client (the malware maker) so they're somewhat insulated from complaints.
Eventually a website owner will get enough complaints to threaten or drop the banner provider (who is paying the web site to display their banners, that's one way websites cover their operating costs) but they just move on to another web site, there's a lot of suckers to pick from. It's not a problem that's going to go away anytime soon.
Bigger sites get in the news for serving up malware, because they've got a much larger audience, the audience expects better from them, and as such they tend to keep a close eye on their advertisers. (and if they drop one, that's a major loss of business for the advertiser, so they are more likely to watch what they provide also) But it still happens from time to time.
