I've read anecdotal evidence that malware authors are purposefully inflating the size of their exploit kits to avoid detection by antivirus software. Does this method actually help avoid antivirus detection, and how can we detect this malware?