When a network drive is mapped to a particular drive in the system, newer versions of ACC (MPT-integrated versions) receive callbacks in the form of <Mapped-drive-letter>:\XXXX.

For example, ACC receives a call-back from a mapped network share (Z:\XXXX) and a trusted share rule exists (\\<IP>\XXXX). A mismatch between the mapped network share and the trusted share rule exists. This mismatch results in EXECUTION_DENIED errors, similar to the one below, being recorded for all files in that share.
 
Example execution denied event in s3diag:
 
<EXECUTION_DENIED  file_name="Z:\PITS_File_Manager.exe" pid="424" process_name="C:\Windows\explorer.exe" ppid="1048" parent_process_name="C:\Windows\System32\userinit.exe" cksum="8710e96ed8fe513e9fddb6fea60c090a4cea889a" cksum256="465ec787bc3e1cc08c25afdb8f430a22ab2342e29603af82b5514afabbfbe9a4" event_time="1552639063049" event_time_system="Mar 15 2019:08:37:43" file_type="32bit-exe" is_system_file="false" deny_reason="File-Unsolidified" is_installer="false" user_name="PITS-TESTV\admin" />
  
NOTE: The call-back that ACC receives depends on the context in which it has been accessed. If the .exe file is accessed from the mapped drive location, the call-back that ACC receives is in the form of <Mapped-drive-letter>:\XXXX. If the .exe file is accessed as a network location, ACC receives a call-back as \\<IP>\XXXX.