Not saying we shouldn't use HTTPS, but if your ISP is injecting ads and malware into your internet traffic, the real solution would be to sue/legislate them out of existence.
Comcast have repeatedly been caught injecting, from 2013 [0] through 2019 [1]. At what point do you acknowledge that the large-scale business that is the ISP, might just have more bargaining power than a single individual?
[0] http://blog.ryankearney.com/2013/01/comcast-caught-intercept...
[1] https://gist.github.com/ryankearney/4146814?permalink_commen...