I don't know if there's a detectable difference just looking at the ports; just having TeamViewer installed slightly increases the risk of any transaction being fraudulent though. I'm just trying to provide an example of how port data could be used for a meaningful purpose. Even just as an additional fingerprinting component it could be useful.