HTTPS would prevent advert injection, assuming you didn’t accept a bad certificate at any point. But if they control your router and infrastructure, they can still redirect you to other pages however they want.