Guest additions were installed and was not me

I am in whonix workstation and suddenly whonixcheck said i had 3 guest additions installed.
I did not install them…

They are installed by default for a long time.

Please post the exact messages here.

I removed guest aditions. The message appeared after i installed UNRAR, guess was in “no open source check”.
Virtualbox CEO said some time ago that they AGREE with NSA SPY and that everyone should help them, what means THEY DO HELP nsa.
And guest aditions are the CLOSED SOURCE part of virtualbox.
Whonix should keep only open source.

Extraordinary claims require extraordinary evidence.

What he actually said was:

Silicon Valley tycoon Larry Ellison, the founder of Oracle, defended the National Security Agency’s controversial domestic surveillance on Tuesday, saying it was needed to protect the public from terrorism.

“It’s great. It’s essential,” said Ellison during an interview with CBS News.

“President Obama thinks it’s essential. It’s essential if we want to minimize the kind of strikes that we just had in Boston,” he added, referencing the marathon bombing.

Ellison said the private sector had been gathering data about the public for much longer than the nation’s intelligence agencies and had amassed far more information.

“We’ve been collecting this information for so long, long before the NSA was collecting it,” he said. “American Express, Visa, all your credit card data, we have, and all your financial records.”

But he added that there was always a danger the government could cross a line into unacceptable surveillance that infringed on civil liberties.

“If the government used it to do political targeting,” Ellison said. “In other words, if we stop looking for terrorists and we start looking for people on the other side of the aisle.”

So, he is an apologist for the abuses, like most other Silicon Valley CEOs who bow before the security state. Usually this stems from a large part of their business model being predicated on vacuuming up all your personal data for targeted advertising purposes.

But note that is far from backdooring Virtualbox to provide the “NOBUS” crowd the ability to pwn any user they feel like targeting.

Still, it does suggest that users seeking a more secure solution should default to Qubes-Whonix and bypass Type II hypervisors (Virtualbox, KVM etc.) all together, if their hardware supports it.

VirtualBox guest additions aren’t closed source.

VirtualBox Oracle VM VirtualBox Extension Pack is a different thing, which was never installeable from Debian repositories and never installed in Whonix.

What parts of VirtualBox are problematic wrt Libre Software and references can be found here:

Whonix ™ Virtualization Platforms