Examples of applications include Microsoft Word, Windows Explorer, and Internet Explorer. These typically are not running when you log in or boot up. You have to open them.
Services are programs most users have never heard of. Examples include Alerter, Logical Disk Manager, and Event Log. Many users are familiar with some services, such as Security Center. Windows services typically are running when you log in or boot up, though a service may be set to automatic, manual, or disabled mode via the Services interface (accessed via the Control Panel).
By default, Windows services do not run as a real user. They run as a virtual user with administrative rights on the machine. If you see "LocalSystem" for the user ID of a program, you are looking at a Windows service.
The working directory for a Windows service is typically c:\WINNT, which is the normal designation for the Windows system directory. The default temporary directory is typically c:\WINNT\TEMP. There is no home directory for this virtual user. Consequently, a service can't directly store user-specific data.
This virtual user "LocalSystem" doesn't have access to such resources as network file shares, either. Providing it with such access requires configuring it to run as a domain user with access specified. But doing this gets it out of the pure Windows service role, and saddles it with a password. That brings additional issues and housekeeping baggage.
One big advantage a Windows service has over a Windows application is you don't need a user logged in for the Windows service to run. This resolves many security issues. If a program doesn't really need a user for it to do its thing, then it makes sense to write that program as a Windows service.