Eraser Grandmaster Cheater
Reputation: 0
Joined: 23 Jul 2008 Posts: 504 Location: http://www.youtube.com/PCtrainers
Posted: Mon Jan 07, 2013 3:35 pm Post subject: How do you find AoB pointer's offset?

I am trying to make a pointer via AoB scan, but I don't know how to find an offset. I am using this script:
Code:
    [enable]
    label(MoneyAddress)
    registersymbol(MoneyAddress)
    // scan for the code bytes; the result is the first byte of the match (mov [ecx],edx)
    aobscan(_MoneyAddressSignature, 89 11 c7 05 d8 8c 7f 01 50 a8 2a 00 a1 f0 8d 7f 01)
    _MoneyAddressSignature:
    MoneyAddress:    // MoneyAddress now labels the matched code bytes

    [disable]
    unregistersymbol(MoneyAddress)
Can anyone help me?
Dark Byte Site Admin
Reputation: 470
Joined: 09 May 2003 Posts: 25776 Location: The netherlands
Posted: Mon Jan 07, 2013 4:16 pm Post subject:

Assuming this is JIT'ed code and not part of the pcsx2 module (if it is, give up on code AoBs).
Anyhow, to make an AoB you need to get rid of the bytes that can change between runs/patches.
add ecx,eax is pretty static, so you can write down all bytes "01 c1"
js pcsx2-..... is not very static; only two bytes out of the 6 will remain the same, 0f 88, so "0f 88 ** ** ** **"
mov [ecx],edx is pretty static again, so 89 11
mov [pcsx....],002aa850. This is interesting. 002aa850 doesn't seem like an address in memory.
In case it's really static, then only strip out the pcsx part of the opcode but leave that code there. (If it is in fact a dynamic address, wildcard it as well)
so: c7 05 ** ** ** ** 50 a8 2a 00 (If it is dynamic: c7 05 ** ** ** ** ** ** ** **)
And finally the mov eax,[pcsx...]
again comment out the [pcsx..] part, so "a1 ** ** ** **"
So, the final aob will be:
"01 c1 0f 88 ** ** ** ** 89 11 c7 05 ** ** ** ** 50 a8 2a 00 a1 " (you can ignore the last wildcards)
Note: In this example I state that the [pcsx...] parts should be wildcarded, but if you will never ever change pcsx emulator, then you can use these bytes
01 c1 0f 88 ** ** ** ** 89 11 c7 05 d8 8c 7f 01 50 a8 2a 00 a1 f0 8d 7f 01 (Note that I left the JS part wildcarded, as that is a relative address, instead of a direct address)
Note2:
This aob starts at a360c, while you want a3614, so when you do an aobscan for this, you must add (a3614-a360c=)8 bytes to the result to get the address you wish
Edit: nvm, I read it wrong, you already have the AoB.
Anyhow, a pointer alone isn't possible, as there is no offset. You need to do a code injection script, that at least stores the address to a known location. Then you can use a pointer that makes use of that location
_________________
Do not ask me about online cheats. I don't know any and won't help finding them.
Like my help? Join me on Patreon so I can keep helping
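The wildcarding rule from Dark Byte's reply, worked through as an added example (this is not code from the thread or from Cheat Engine). It takes the instruction bytes quoted above, marks the operand fields that encode a relative branch target or an absolute pcsx2 address, emits the AoB with those bytes replaced by `**`, and then scans two constructed memory images: one with the addresses exactly as in the thread and one where the module has been relocated. The four rel32 bytes of the `js`, the "relocated" second run, the filler bytes and all function names are assumptions made for the example; only the opcode and immediate bytes come from the thread.

```python
"""Build a wildcarded AoB from an x86 listing and check it against two runs.
Added example, not code from the thread or from Cheat Engine.

Rule implemented: bytes that encode a relative branch target (js rel32) or an
absolute address (disp32 of mov [mem],imm32 and mov eax,[mem]) change between
runs or patches and are wildcarded; opcodes and the immediate 002aa850 are kept.
"""
import re
from typing import Iterable, List, Sequence, Tuple

WILDCARD = "**"  # notation used in the thread; Cheat Engine also accepts ??

# One instruction: encoded bytes, the unstable operand spans (offset, length,
# kind) and a note. kind is "rel" (relative branch target) or "abs" (absolute
# address inside the pcsx2 module).
Instr = Tuple[bytes, Sequence[Tuple[int, int, str]], str]

LISTING: List[Instr] = [
    (bytes.fromhex("01c1"), [], "add ecx,eax"),
    # rel32 value 11223344 is constructed; the thread only shows the 0f 88.
    (bytes.fromhex("0f88" "11223344"), [(2, 4, "rel")], "js pcsx2-..."),
    (bytes.fromhex("8911"), [], "mov [ecx],edx  <- the instruction we want"),
    (bytes.fromhex("c705" "d88c7f01" "50a82a00"), [(2, 4, "abs")],
     "mov [pcsx2+...],002aa850 (disp32 varies, imm32 kept)"),
    (bytes.fromhex("a1" "f08d7f01"), [(1, 4, "abs")], "mov eax,[pcsx2+...]"),
]
TARGET_INDEX = 2  # index of mov [ecx],edx in LISTING


def build_aob(listing: Iterable[Instr], keep_absolute: bool = False) -> str:
    """Emit the AoB string. Relative targets are always wildcarded; absolute
    addresses are wildcarded unless keep_absolute=True (the 'never ever change
    pcsx2' variant, which breaks as soon as the module moves). Trailing
    wildcards are dropped because they constrain nothing."""
    out: List[str] = []
    for code, spans, _ in listing:
        wild = [False] * len(code)
        for start, length, kind in spans:
            if start + length > len(code):
                raise ValueError(f"span {start}+{length} outside {code.hex()}")
            if kind == "rel" or not keep_absolute:
                for i in range(start, start + length):
                    wild[i] = True
        out.extend(WILDCARD if w else f"{b:02x}" for b, w in zip(code, wild))
    while out and out[-1] == WILDCARD:
        out.pop()
    return " ".join(out)


def offset_of(listing: Sequence[Instr], index: int) -> int:
    """Bytes from the start of the signature to instruction `index`; this is the
    value to add to the aobscan result (the thread's a3614-a360c=8)."""
    return sum(len(code) for code, _, _ in listing[:index])


def aob_to_regex(aob: str) -> "re.Pattern[bytes]":
    """Turn 'c7 05 ** ** ** **' into a bytes regex. The lookahead makes
    finditer report overlapping hits instead of skipping past each match."""
    body = b"".join(
        b"." if tok == WILDCARD else re.escape(bytes([int(tok, 16)]))
        for tok in aob.split()
    )
    return re.compile(b"(?=" + body + b")", re.DOTALL)


def scan(buffer: bytes, aob: str) -> List[int]:
    """Offsets of every occurrence of the AoB in buffer."""
    return [m.start() for m in aob_to_regex(aob).finditer(buffer)]


def make_image(js_rel: bytes, disp_store: bytes, disp_load: bytes) -> bytes:
    """Constructed memory image of the JIT block for one run: the listing with
    the variable fields substituted, surrounded by filler bytes."""
    body = (b"\x01\xc1" + b"\x0f\x88" + js_rel + b"\x89\x11"
            + b"\xc7\x05" + disp_store + b"\x50\xa8\x2a\x00"
            + b"\xa1" + disp_load)
    return b"\x90" * 16 + body + b"\xcc" * 16


# Run A: addresses as in the thread. Run B (constructed): pcsx2 loaded 0x100000
# higher and the js target moved, so both disp32 fields and the rel32 differ.
RUN_A = make_image(bytes.fromhex("11223344"), bytes.fromhex("d88c7f01"), bytes.fromhex("f08d7f01"))
RUN_B = make_image(bytes.fromhex("a0000000"), bytes.fromhex("d88c8f01"), bytes.fromhex("f08d8f01"))


def demo() -> dict:
    """Portable AoB hits in both runs; the fixed-address AoB only in run A."""
    portable = build_aob(LISTING)
    fixed = build_aob(LISTING, keep_absolute=True)
    return {
        "portable": portable,
        "fixed": fixed,
        "portable_hits": (scan(RUN_A, portable), scan(RUN_B, portable)),
        "fixed_hits": (scan(RUN_A, fixed), scan(RUN_B, fixed)),
        "target_offset": offset_of(LISTING, TARGET_INDEX),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

`offset_of` is the piece that answers the original question as far as an AoB can: the scan result points at the first byte of the signature, so the instruction you care about is at result plus that offset. It says nothing about where the money value lives, which is why the reply ends with the code injection suggestion.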