Our scheduled scans locate viruses on our computers for which the real time did not detect. Our real time does not do as intensive of a scan as the scheduled scan.
An example of this is a Java virus in a JAR file located in the Internet Explorer temporary folder. Another would be a PDF in the same folder.
The real time did not detect it because it is not in the detection at the time of download. The only thing that found it was the scheduled scan, after a pattern file update which now detects the virus.
So one takes a look at the PC in question. Did it have the version of Java which that virus required for elevation? Did the client have the latest Adobe Reader patch? Did it get infected?
Some viruses we have monitored have installed things such as WinProxy, or VNC. Legitimate 3rd party software. Even after antivirus cleans up the infection, back doors may be left on the previously infected computer. Usually, we grab any data from the PC, nuke it and the users roaming profile, and rebuilt them. The real time scans are critical to locate these PC's needing cleaned up.
Anyway, that's my opinion.