The question might appear silly, but have you searched for sdfssvc.exe on your harddisk?

The *.txt logs do not include any paths (making it kind of useless imho), and I wonder why the filename is all lowercase, while the official file is named SDFSSvc.exe. Using the name of known legit services to trick users/firewalls is a commen behaviour.

Next thing I would check is in Spybots settings whether the proxy server Spybot offers is active or not, since 21320 is the port it uses. Could it be that some other malware on your system is using this proxy, trying to bypass direct connections to hide itself?