This is because the snooper was started as admin, and since WA is the child process, it also is started with admin rights.
Don't listen to anyone telling you to turn off UAC, because that's plain stupid. You don't want your PC to become as insecure as XP, where any misclick could damage the system permanently. It's like sitting as Root in linux, except with very little preventions, yet not enough to keep the system secure.