Sorry, what I told at first about “first-level subfolders” was wrong. I just noticed that listed directories giving an access denied are junctions! I guess that I just have to put them in the exclusions list…
Scanner (folder WSAdmin, item “AppData\Local\Application Data”): scan: open \?\C:\Users\Administrator\AppData\Local\Application Data: Access is denied. The same for: AppData\Local\History, AppData\Local\Microsoft\Windows\INetCache\Content.IE5, AppData\Local\Microsoft\Windows\Temporary Internet Files, AppData\Local\Temporary Internet Files, Application Data, Cookies, Documents\My Music, Documents\My Pictures, Documents\My Videos, Local Settings, My Documents, NetHood, PrintHood, Recent, SendTo, Start Menu, Templates.
Log taken from Server 2019. The two others logs on W10 machines are quite the sames, with more or less entries.