Sandboxie or a Windows 7 virtual machine, with no network access in either case. I don't actually scan the files with anything, but if something behaves suspiciously, then it's a no-go. I've been lucky so far, think I only had one bad crack in years. There are also online sandboxes where you can submit an executable and they will run it on a test system, analyze everything it does and create a report.
Keygens are preferable over cracks (you can just generate a key and then forget about it), and if a "crack" involves replacing or patching a .sys file, then find another solution, pay for the program or forget about it. Allowing unknown code to run with kernel privileges isn't a good idea.
PM sent :wwink: