There are many reasons on why a program may want to get to a specific offset. Among the reasons services like Shadow Copy might need to do this, and it's impossible to say why, unless we see what they are actually reading. An example is using shadow copy to mirror a volume, then you would do a stream of data (if observed would be a stream of hex data), sequential and you'd see on both drives the following process:

1) Read from Offset 0, 4096 Bytes (Read one block).

2) Write into another location at Offset 0, 4096 Bytes (Write one block)

3) Read from offset 4096, 4096 Bytes... And so on, and on... essentially by the time Offset = Disk Size, you will have mirrored the volume.

That being said, this could be a problem with the observer app checking what's being read, in reality there are abstraction layers interacting right there.

The program requests a file->checks where it's located->requests to the OS to fetch the file->the OS requests the driver to go there and get the requested bytes and then the app gets a pointer to that data to be used.

Obviously I simplificated this process as much as possible. But essentially each time something is done on a machine, it went through many abstraction layers, and the data an app requested may be or might not be on those offsets. We have seen this while working with fuse and intercepting the Read - Write calls on a volume. They are not sequential, but to explain further i'd have to get too technical which I think it's not what you're asking.

Hope this answer helps, even though it's been a year since you asked.