Security issue, possible injected ads

A co-worker says one of our sites is having ads injected, namely http://portaugustamechanical.com.au/
I don't see anything amiss.
He suggested it may be Easy Bootstrap Shortcode Pro pligin by Oscitas. Again I can't see any reports of plroblems with this plugin.
I've added Securi but I don't really know how to read what it reports.
I have some of your plugins running also - Google Maps, Dashboard and Smushit - any problems I should know about?
Any suggestions?