Are you using libvirt (virsh, virtmanager, etc)?
Some (most? all?) distros declare some kind of dependency relationship between libvirt and dnsmasq. For example, on Debian, the libvirt-daemon-system package Recommends the dnsmasq package (which means it will be installed when you install libvirt-daemon-system unless you have disabled installing recommended packages - e.g. with Install-Recommends "False"; in your /etc/apt/apt.conf).
Anyway, if you are using libvirt, look in /etc/libvirt/qemu/networks/autostart. Or, better yet, use the virsh commands to check -- see below.
If there is a file/symlink in there with rules for dhcp (which is pretty much the main reason for bothering to define a network in libvirt), then libvirt will start an instance of dnsmasq to provide dhcp, dns, and/or tftp services for the VMs. This is often enabled by default when you install libvirt.
Check to see if there are any autostarted network definitions:
virsh net-list --all
If there are, you can view the contents with virsh net-dumpxml. e.g. if the name of the network definition is "default":
virsh net-dumpxml default
If it enables dhcp, you can stop that (and stop it from autostarting on next reboot) with:
virsh net-destroy default # stop it running NOW.
virsh net-autostart --disable default # prevent it from auto-starting
PS: I disabled dnsmasq being started by libvirt years ago on my systems. I prefer to run unbound and ISC dhcpd.
