The reason why I ask this is because, in my security logs it appears to check all my disk. here is a what the log states.
An Attempt was made to access an object
Subject:
Security Id: System
Account Name: Main Server
Account domain: My Domain
Logon Id: 0x3e7
Object:
Object Server:Security
Object Type:SymbolicLink
ObjectName:\GLOBAL??\H:
HandleID:0xae0
Process information:
Process ID: (In this case its) 0x568
Process Name: C:\Programfiles(x86)\Symantic\Symantic Endpoint Protection\SMC.exe
Access Request Information:
Access: SymbolicLink
Access Mask: 0x1
As I stated these files occure about every 30 Seconds.
One other thing I want to point out is on some of the logs under Access Request Information, I have an entry of
Transaction Id :{00000000-0000-0000-0000-000000000000}
this peticular Id occures within some of the logs. I willing to bet it some type of address but to what?