They do not injecting it, it's just a small downloader that helps to download applications even with bad connection. And potentially may use a p2p distribution, as for example some game developers upload their game clients(>1gb). Well-known companies pay per download for their software suits, and they don't really like to pay for the interrupted downloads.
Im not sure about the deceptive tactics, they just trying to get people attention, not just unmarking checkboxes without reading.
What an antivirus says about some adware / adware downloader / toolbar doesn't matter - if it's adware, I don't want it; if it's shoved down my throat by some installer, I don't want it.
I had to deal with cleaning up a lot of machines in a corporate environment where the previous admin didn't care about security policies and security.
I found a gem, I think I might still have the photo somewhere, it was a PC which had so many toolbars in IE that they took more than half the height of the screen to display them all. Obviously, the "faces for yahoo messenger" and "good looking email" (incredimail) were among the installed "goodies" on that machine.
Just to make it clear, I see the adware installed by apps as exploits all kinds of assholes use on people who have no clue what security is about. Telling them they might find their bank account empty or that their email account might send emails with porn to their entire list of contacts usually gives them a hint about what they expose themselves to.
P.S.: If you really "worked" there and you stopped doing that, I can hardly see the point in defending them. Perhaps you're the guy they paid to write that adware injector ("the small downloader")? You come off as the guy who defends the company he's working for because he wants to keep his job.
Please stop trying to explain or excuse what CNET is doing. It's not ok.
Im not sure about the deceptive tactics, they just trying to get people attention, not just unmarking checkboxes without reading.