I've had this problem a few times now, and whilst it's user error it's not obvious.
When you create a new website in IIS7 and application pool with Anonymous Authentication enabled, and configure the application pool with a user that has permission to read the web site directory you *could* assume that it will work. And then you browse the site and get blank pages back, a bit later you look in the log and see lots of 401 returns.
The cause? Open Internet Information Services (IIS) Manager, and click on the website, then under the "IIS" section double-click on Authentication, then click on the "Anonymous Authentication" item and select "Edit.." (right click or menu on right hand side). Change the "Anonymous user identity:" to being "Application pool identity".
Problem hopefully solved...