Yeah, I know that it's a rootkit-type service. But I'm saying that still doesn't prevent you from going deeper than the checks. Especially if you're using custom code and not a known cheating tool. (Those will get picked up by signatures) Unless they require a fully certified system, you can always play with device drivers which are going to be lower level than anti-cheat.

It's an arms race, but whatever they can check, you can patch. Worst case, you can still virtualise everything.