I came across the problem described in
https://kc.mcafee.com/corporate/index?page=content&id=KB92095
The currently used version of Endpoint Security is 10.6.1 August. In my case, the solution mentioned in the KB (updating to 10.6.1 December) did not solve the problem on a large number of test PCs.
The workaround solves the problem, but I would prefer not to deploy it on all PCs.
Would anybody be able to suggest a way to list endpoints with the mentioned issue?
PS, before I found this KB, I raised a service request and unfortunately got an answer: "sadly there is no such query/report that we can run. The closest thing you could query for, is machines showing out of compliance, however this may not be accurate as sometimes the unknown module status does not always manifest in machines being out of compliance."
Regards
Pawel
Hi @PawelEm
I'm afraid the response Support gave you is correct. There is no way of seeing this in ePO except potentially via the Compliance Reports.
I have one idea that could be a workaround for the lack of suitable reports, but I admit that my script writing skills are poor.
Create a script that will analyze EndpointSecurityPlatform_Errors.log for the strings "is not running" or "is not running", then will return the date of the last occurrence and will set it as a value in the agent custom properties.
Then make a custom package using EEDK and deploy it to all endpoints.
The rest should be quite easy.
After several attempts I was able to write a script.
This script is crude and some parts of this script are based on examples found on forums.
In brief:
If, after updating to ENS 10.6.1 December update, the problem with the corrupted XML still exists, in every case that I've seen the ATP status is unknown and in the EndpointSecurityPlatform_Errors.log
So the script searches for the last occurrence of "Adaptive Threat Protection is not responding" in the log file, extracts the date from the time stamp in this line and sets it as agent custom prop1.
It also sets the custom prop2 field with the current system date.
Then it collects and sends agent properties to the ePO server.
There is a downside to this: while updating, there is also an "Adaptive Threat Protection is not responding" message in the log, so it is better to check it the day after updating.
And here are the scripts.
RUNME.ps1 -----------
# Get the date of the last "Adaptive Threat Protection is not responding" event
$data0 = Get-Content "$env:DEFLOGDIR\EndpointSecurityPlatform_Errors.log" | Where-Object { $_.Contains("Adaptive Threat Protection is not responding") }
$data0 = $data0 | Select-Object -Last 1
# The date is taken from the first 10 characters of the line;
# if no line matched, report "none" instead of failing on a null value
if ($data0) { $data0 = $data0.Substring(0,10) } else { $data0 = "none" }
# Get current date
$CurrentDate = Get-Date -Format "dd/MM/yyyy"
# MaConfig path
$MAConfigPath = "C:\Program Files\McAfee\Agent\maconfig.exe"
# CMDAgent path
$CMDAgentPath = "C:\Program Files\McAfee\Agent\cmdagent.exe"
# Apply custom props
& $MAConfigPath -custom -prop1 "$data0" -prop2 "$CurrentDate"
Start-Sleep -Seconds 5
# Collect and send properties to the ePO server
& $CMDAgentPath /p
Start-Sleep -Seconds 5
RUNME.bat -----------
@ECHO OFF
ECHO ==================================================
ECHO Run RUNME.ps1...
:: PushD
pushd "%~dp0"
:: Get software package source directory and set as variable SRCDIR
SET SRCDIR=
for /f "delims=" %%a in ('cd') do @set SRCDIR=%%a
:: Run PowerShell Script...
%comspec% /c %systemroot%\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Bypass -File "%SRCDIR%\RUNME.ps1"
:: Always exit with Code 0
Exit /B 0
-----------
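The downside noted above (the same message is also logged while an update runs) can be narrowed by counting on how many distinct days the message appears. This is an added example, not code from the thread: the function name, the `Persistent` heuristic and the sample lines are assumptions, and it relies only on the date being the first 10 characters of a line, as RUNME.ps1 does.

```powershell
# Added example (not from the thread). Summarises ATP "not responding" events
# so a one-day burst (e.g. during an update) can be told apart from a
# problem that keeps coming back on later days.
function Get-AtpNotRespondingSummary {
    param(
        [string[]]$Lines,
        [string]$Needle = 'Adaptive Threat Protection is not responding'
    )
    # Keep only matching lines long enough to carry a 10-character date prefix.
    $hits = @($Lines | Where-Object { $_ -and $_.Length -ge 10 -and $_.Contains($Needle) })
    if ($hits.Count -eq 0) {
        return [pscustomobject]@{
            LastSeen = 'none'; Occurrences = 0; DistinctDays = 0; Persistent = $false
        }
    }
    # Treat the prefix as an opaque day key, so no date format is assumed.
    $days = @($hits | ForEach-Object { $_.Substring(0, 10) } | Select-Object -Unique)
    [pscustomobject]@{
        LastSeen     = $hits[-1].Substring(0, 10)
        Occurrences  = $hits.Count
        DistinctDays = $days.Count
        # Assumed heuristic: seen on more than one day means it is not just the update.
        Persistent   = ($days.Count -gt 1)
    }
}

# Constructed sample lines; the real log layout after the date may differ.
$sample = @(
    '2020-01-14 <constructed> Adaptive Threat Protection is not responding',
    '2020-01-14 <constructed> some unrelated error',
    '2020-01-15 <constructed> Adaptive Threat Protection is not responding',
    '2020-01-16 <constructed> Adaptive Threat Protection is not responding'
)
Get-AtpNotRespondingSummary -Lines $sample

# On an endpoint the input would come from the log the thread's script reads:
# Get-AtpNotRespondingSummary -Lines (Get-Content "$env:DEFLOGDIR\EndpointSecurityPlatform_Errors.log")
```

The `LastSeen` value corresponds to what RUNME.ps1 writes to prop1; `DistinctDays` or `Persistent` could be written to a further custom property to filter on in ePO.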
One more thing to fix this problem
I've made a script (in 2 versions) that runs ENS RepairCache against ATP; unfortunately both of them are stuck in progress while running them from ePO.
Both of them work fine when run directly on the target system, running them using psexec with the -h -s switches.
After creating a package in EEDK and deploying it through ePO, the first script repairs ATP but it is stuck on "in progress" status.
The second is also stuck "in progress" but unfortunately doesn't repair ATP.
Could anyone provide some advice for resolving this problem?
-----
@ECHO Off
cd "C:\Program Files\McAfee\Endpoint Security\Adaptive Threat Protection\RepairCache\"
start /w setupATP.exe /fam
Exit
-----
the second script ends
------
Exit /B 0
-----
This same issue is occurring on some machines that had the ENS December 2019 Update. They now have the ENS April 2020 update & are still experiencing this issue. I'm digging to find out whether a fix was released in a recent update, but I have yet to find information on that. I'm probably going to have to open a support case to further investigate if a fix will be in an update or if the Workaround is the fix.
In ENS window Status of ATP "Unknown"
In the view McAfee Security Status windows its shows: McAfee Endpoint Security - Issue: ATP is not responding.