Not saying we shouldn't use HTTPS, but if your ISP is injecting ads and malware into your internet traffic, the real solution would be to sue/legislate them out of existence.
Comcast have repeatedly been caught injecting, from 2013 [0] through 2019 [1]. At what point do you acknowledge that the large-scale business that is the ISP, might just have more bargaining power than a single individual?