btw, help me understand the use of the DnsFree variable... why is it often exor'd with 0x23dc67e8? is that the addr of a routine and exor is faster than adding? thank you.
That's just in-memory obfuscation. The value is xored with 0x23dc67e8 when set and the variable xored again whenever is used. Its first use is to check that the symbol was resolved correctly, that implies testing for NULL/0. The compiling-decompiling process made it so that it is actually just comparing the variable to the mask.
It get's XOR'd once after the GetProcAddress, then XOR'd back before the STDCALL invocation.
This is done for both the GetProcAddress calls, so I'm going to just guess that this is some anti-patching anti-cheat shenanigans.