Updating Malware cleaning skills

I have seen some sites offering 'Malware University', training classes on getting rid of malware. Do you think that updating your malware removal skills (or arsenal) is necessary from time to time? How do you become more effective at dealing with this growing, very complicated threat?


You don't "clean malware". You level the machines and start over. Anything less is a disservice to your Customer and asking for trouble.

As far as dealing with the "threat", you don't allow users to run with Administrator-level accounts (on Windows), and you don't install untrusted software (inasmuch as is possible). It seems fairly simple to me. My Customers and I do not have a problem with malicious software.


Beyond the sysadmin practices of not letting users run administrator-level accounts and such, a lot of the responsibility falls on you to remain up to date on threats in the wild. Read the warnings that pop up when a new threat is found. Have an update policy for your software.

Nothing can destroy security faster than a determined user, so educate them about the dangers of clicking on random links in e-mail or installing applications unless they are sure of the source (etc.), making sure to tell them that this is for the safety of the network and their home computers.

If you stay on top of news, and keep your users in the know, then you drastically reduce your exposure.


As far as "malware training" goes, the name alone is a bit too marketing-buzzword to inspire much faith. Perhaps I'm too much of a skeptic, but I feel that any specific "malware topics" are going to be obsolete before the class is in session.

Sure, some basic skills apply, but if an admin (or support tech) doesn't already know those things, I'd rather they format the machine (for the reasons Evan Anderson pointed out) instead of taking a chance on their cleaning skills.