Normally what you do is to use squid in transparent proxy mode, with HAVP as the parent of squid. No client proxy setup is required.
However, HAVP is currently broken (for me and some others, at least): http://forum.pfsense.org/index.php/topic,47576.0.html
If you use Dansguardian instead, you will probably want to look at auto proxy configuation.
I've personally abandoned virus scanning at the firewall, because I'm just not convinced that ClamAV works well enough. Individual Win clients run Avast.
I do use squidguard for filtering, with pFblocker to block tor et al, and that works well.