The message is saying that your configuration file is corrupt in some way. However it also says that it can’t actually access the config file. So I’d ignore the original message about corruption/lack of validity as this is most likely just the effect of not being able to read the file due to a lack of authorization.
The reason it cannot read the config file is because the process running your web app does not have permission to access the file/directory. So you need to give the process running your web app those permissions.
The access rights should be fairly straightforward, i.e. at least Read, and, depending on your app, maybe Write.
Above, you mention IUSR etc. not being in the properties for
web.config. If by that you mean that IUSR is not listed in the security tab of the file then it’s a good thing. One doesn’t want to give IUSR any kind of permission to web.config. The role IUSR is an anonymous internet user.
The file web.config should only be accessible through your application.
The problem is you haven’t said which OS and IIS version you are using so it’s difficult to advise which steps to take.
I.e. in IIS 7.5, the error message you’re quoting is likely to occur due to your ApplicationPoolIdentity not being assigned the permissions. Your web application belongs to an application pool and so you need to give the permissions to the OS account that your web application’s application pool runs under. Often this is something like NetworkService but you may have customized it to run under a purpose made account. Without more info it’s difficult to help you.