Just got off with the scammer. I have over 1 hour of footage, but I don't think it's worth the video editing and uploading. I've decided to write a summary instead (unless enough people ask for a video) :)
Just like any scammer would do in the beginning of a session, the Task Manager, the tree command, and Event Viewer was used to "scan" the system for viruses.
Quite surprisingly, after I typed in my fake payment details and it went through, the scammer opened some legit applications commonly used to fix/clean PCs...
Pretending that I used actual payment details, I inquired the scammer why he is using freeware to "fix" my virtual machine.
Again surprisingly, the scammer typed in a license key in Anti-Exploit that actually worked. I'm pretty sure the license key he typed in has been used many times, and I think Malwarebytes won't be so happy to hear that their license keys/software are being resold (since it's against their TOS)