The WordPress version you are using desperately needs updating.
<meta name="generator" content="WordPress 2.1.2" />
I do however, currently see a login link in your meta. The link only changes to "site admin" once you are logged in. I also see this at the end of the body in your source code.
This indicates that something can be hidden, but I did not see anything that was being hidden. This is sometimes used to hide spam links. If you don't know why it is there, it is worth investigating.
My advice would be that you should assume that something has, or may be in the process of disrupting your site. Contact your host and ask them what you have at your disposal ( I believe Bluehost offers phpMyAdmin), for viewing and changing your database. Also advise them of your suspicions. You must upgrade WordPress. No way around it if you want to reduce future risk. If you have been compromised already, simply upgrading is probably just a band-aid. There is more to it than just upgrading at that point.
Short of actually enlisting someone at your hosting company to assist you, ( by your admission, you may not be comfortable with what needs to be done ), you have a lot of learning to look forward to. You will need to address possible database intrusion ( as well as learning how to reset your admin information manually so you can regain control of your login ), what to look for in files and folders ( there is unlimited info here, and on search engines relative to WordPress vulnerabilities and their symptoms, past and present, as well as feedback on how to proceed).
I wish you very good luck, and I would hope that you have been backing up your database regularly. Best wishes,