Hey, I GOT HIM. Even made a photo for you.
Now sack him and send the bounty to my paypal please.

This is the guy who is currently officially responsible for windows being vulnerable to worm and malware attacks.
There have been others in the past but your bounty explicitly asks for the person responsible for this current "conficker" worm, so here you go.

Seriously, as a business you don't have to bother with any ISP pulling off such a nonsense on you.
Just take your business elsewhere.

And what ISP is that? I have never heard of one doing such things.

Most ISP's now run DNS that redirects to their own sponsored search page instead of returning the proper domain not found error.

Certainly not "most" ISPs. I don't know a single one that does that. Can you name any?

Thanks for the backup fire. Needless to say, I agree with all you said. :-)
And yes, nothing against a company making good money by providing an ad-supported product. I wouldn't be complaining if there was at least a small note about their "special" treatment of google and NX anywhere on that page.

Where on their website is it?
I honestly clicked through most of it (short of digging through the knowledge base) and didn't find a trace of it.

Proxying google queries should be worth a note along with the setup instructions, don't you think?

The notion that OpenDNS is evil because they run ads is juvenile. So is the notion that they're evil because they keep logs and records. Name me a Unix system or any provider of any kind of Internet services that doesn't keep logs and records.

The point is that they hijack both your NX responses and google searches without telling you either upfront. They broadly advertise Web Content Filtering, Phishing Protection, Zero-Downtime Network, Faster Internet, Statistics etc. but not a single word about ad injection or google hijacking.

If you have no privacy concerns about a third party monitoring your google queries then that's fine. But I guess most people would at least prefer to know.

Interesting. I get modded flame-bait without a single reply.
Anyone mind to explain what on earth was flame-bait about my post?

There are public resolvers that you could use, for example 4.2.2.1 (google will find you more).
If you're on a unix OS you could also install a local resolver like dnsmasq or dnscache (part of djbdns). The distro packages usually come with a reasonable default config, thus it's mostly just a matter of installing the package and editing your /etc/resolv.conf - a one minute task.

It's fine that you found a workaround for your particular problem.
Others would probably just switch to a working ISP...

and add extra features to decades old service without breaking standards.

But they are breaking the standard. In particular rfc2308,

under 8:

Negative caching in resolvers is no-longer optional, if a resolver
      caches anything it must also cache negative answers.

      The SOA record from the authority section MUST be cached. Name error
      indications must be cached against the tuple .
      No data indications must be cached against tuple.

Note the absence of statements like "lookup failures should silently map to A records that point to webservers serving spam".

Thank's for reminding me.

Sending a raw error code to 99 percent of Internet users is bad service. Better to catch the code and deliver a plain language message.

Guess what browsers and web-proxies have done for, umm, 10 years? Mine says "Name Error: The domain name does not exist". What could OpenDNS possibly add to this simple message, other than their spam?

Short of running their own DNS, what's a better approach?

Better approach to what?
Why not just use your ISPs nameserver?

what kind of personal data can they collect?

The domains that you resolve, obviously. Good for a nice browsing profile.

How are they scam operation?

They're providing a near-zero value product, spam you with ads in dubious locations (NX) and collect a lot of personal data with borderline phishing methods (google proxy) without announcing either of that clearly upfront.

And if you are concerned with worm infections, why not run OpenDNS + IDS + Antivir?

Because OpenDNS provides no added protection? The other two are plenty sufficient while nobody knows whether the OpenDNS detection is reliable nor whether they will bother to add detection of future worms etc.

Remember many phishing toolbars claim to protect you against other phishing toolbars. OpenDNS is running the same model here.

Agree'd. The "Open" in their name is misleading. In reality many consider OpenDNS to be a scam operation.

Furthermore nobody should rely on a DNS provider (of all things!) to report worm infections. The idea is so wrong, it reminds me of the TV scams where they want to sell you a worthless product, bundled with 5 other, totally unrelated worthless products. "Buy this quality home-trainer for only $499 and you'll get this USB-stick, a bar of soap, two lightbulbs and a chinese ipod-knockoff, for free!".

If you're concerned with worm infections then you run antivirus software and maybe an IDS (e.g. snort) on your internet gateway.
Both will report malicious traffic much more reliable than OpenDNS because that's what they're designed to do.