I remember (probably around 10 years ago) of a compromised server with a couple of strange files ". " and ".. ". After looking into it I realized that they were a ftp server and a process name changer.
I would say your guess is correct, this script is probably used to spot weird file names which would pass unnoticed with a simple "ls".
It looks like it's searching for files/directories with unusual names (like ". ") that system administrators wouldn't normally notice.