Yeah I think it was to remove the last residual traces after removing the extension folders.
To be fair to then, I've had many cases like this with Sophos, Norton and Avira where Malwarebytes saved the day.
I think their adaware scanner is slightly deeper for these types of threat - although AV companies should be catching up.