We need an tool that is capable to check if accounts have private keys at all defined (in encrypted format) then we can at least filter some of forged wallets. Thanks!
I noticed that inside the original wallet.dat file there are addresses to which the coins were transferred, that is, all outgoing transactions are written to the wallet file.