Q1. No there aren't any specific extension you should exclude from on-access scanning
Q2. you really should use a farm admin account. if you can't then see the product guide for msms 3.0. it has a section about setting up a user with least privleges.
Q3. in epo there are specific reports that can be run for msms. any one of the reports are important depending on what it is you scanning for and want to report on.
Q4. there is a management extension and report extension that need to be installed into epo for msms 3.0. additional information about this is included in the product guide.