diff --git a/pkg/ps/snapshotter_windows.go b/pkg/ps/snapshotter_windows.go
index 68801b5ac..9d065a574 100644
--- a/pkg/ps/snapshotter_windows.go
+++ b/pkg/ps/snapshotter_windows.go
@@ -20,15 +20,16 @@ package ps
 import (
 	"expvar"
-	"github.com/rabbitstack/fibratus/pkg/sys"
-	"github.com/rabbitstack/fibratus/pkg/util/va"
-	"golang.org/x/sys/windows"
 	"path/filepath"
 	"strconv"
 	"strings"
 	"sync"
 	"time"
+	"github.com/rabbitstack/fibratus/pkg/sys"
+	"github.com/rabbitstack/fibratus/pkg/util/va"
+	"golang.org/x/sys/windows"
+
 	"github.com/rabbitstack/fibratus/pkg/config"
 	"github.com/rabbitstack/fibratus/pkg/event"
 	"github.com/rabbitstack/fibratus/pkg/event/params"
@@ -185,6 +186,11 @@ func (s *snapshotter) Write(e *event.Event) error {
 		e.AppendParam(params.Exe, params.Path, ps.Exe)
 	}
+	// if the process UUID has been initialized when
+	// the internal event arrived, reassign it to the
+	// current process state
+	proc.AssignUUID(ps)
+
 	e.AppendParam(params.ProcessTokenIntegrityLevel, params.AnsiString, ps.TokenIntegrityLevel)
 	e.AppendParam(params.ProcessTokenElevationType, params.AnsiString, ps.TokenElevationType)
 	e.AppendParam(params.ProcessTokenIsElevated, params.Bool, ps.IsTokenElevated)
diff --git a/pkg/ps/types/types_windows.go b/pkg/ps/types/types_windows.go
index 3d22d484f..93ccaa222 100644
--- a/pkg/ps/types/types_windows.go
+++ b/pkg/ps/types/types_windows.go
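Review bot: `proc.AssignUUID(ps)` copies the UUID from `ps` into `proc`, but neither the call nor the three-line comment above it names which variable is the source, and AssignUUID's own parameter is also called `proc`, so the direction is easy to invert on a later edit. I'd make the comment explicit about the variables: `// ps carries the UUID resolved from the internal event; copy it into proc (the entry the snapshotter keeps) only when it is non-zero`. Whether `proc` is the snapshotter's stored entry is inferred from the naming and should be confirmed. Nothing in the hunk shows `proc` being nil-checked; if the lookup that produced it can fail, the assignment inside AssignUUID writes through a nil receiver whenever `ps.uuid` is non-zero. Write's body starts before this hunk and continues after it.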
@@ -21,20 +21,22 @@ package types
 import (
 	"encoding/binary"
 	"fmt"
+	"path/filepath"
+	"strings"
+	"sync"
+
 	"github.com/rabbitstack/fibratus/pkg/sys"
 	"github.com/rabbitstack/fibratus/pkg/util/cmdline"
 	"github.com/rabbitstack/fibratus/pkg/util/va"
 	"golang.org/x/sys/windows"
-	"path/filepath"
-	"strings"
-	"sync"
 	"github.com/rabbitstack/fibratus/pkg/cap/section"
 	htypes "github.com/rabbitstack/fibratus/pkg/handle/types"
 	"github.com/rabbitstack/fibratus/pkg/pe"
-	"github.com/rabbitstack/fibratus/pkg/util/bootid"
 	"time"
+
+	"github.com/rabbitstack/fibratus/pkg/util/bootid"
 )
 // PS encapsulates process' state such as allocated resources and other metadata.
@@ -125,6 +127,14 @@ func (ps *PS) UUID() uint64 {
 	return ps.uuid
 }
+// AssignUUID assigns the UUID from the given
+// process if the UUID has been initialized.
+func (ps *PS) AssignUUID(proc *PS) {
+	if proc.uuid != 0 {
+		ps.uuid = proc.uuid
+	}
+}
+
 // ProcessSequenceNumber contains the unique process sequence number.
 type ProcessSequenceNumber struct {
 	Seq [8]byte
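Review bot: AssignUUID dereferences `proc` without a nil check, and its doc comment leaves the copy direction implicit — "assigns the UUID from the given process" does not say into what, and the parameter name `proc` mirrors the receiver name used at the only visible call site. I'd guard the argument and spell out the semantics: `if proc == nil || proc.uuid == 0 { return }` and a doc line such as `// AssignUUID copies proc's UUID into ps when proc's UUID is non-zero; a zero (uninitialized) source leaves ps.uuid untouched, while a non-zero one overwrites ps.uuid even if it was already set.` If PS's other fields are guarded by a mutex elsewhere in the type (`sync` is imported on this page, but the struct itself is not visible), this write to `ps.uuid` happens outside it — confirm the caller holds whatever lock the other mutators take.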