Is the value of the sha1 result the "speed" of the combination of ctr + hmac sha1 because it's the bottleneck or do I have to subtract these two values to get the combined speed of ctr + hmac sha1?
First of all, you should use AES-CBC just to be sure that you are using the right combination of algorithms. AES-CBC is much slower than AES-CTR on my machine. This is probably due to buffering; it is possible to precalculate large parts of the key stream for AES-CTR.
TLS packets are usually about 1.5 K in size, so you could use the 1024 byte blocks as best indicator. I've done the speed test with SHA-1, AES-CBC as well as AES-GCM.
So let's use the following values:
SHA-1 (representing HMAC-SHA-1): 1467708 kB/s
AES-CBC : 1330523 kB/s
AES-GCM : 3346640 k
Instead of GB/s you should really be looking at ns per kB, that way you can add the processing time together and then calculate it back to GB/s as you want.
Now we can calculate the speed of SHA-1 + CBC by performing:
$$T_{SHA-1\&CBC} = {1 \over {1 \over T_{SHA-1}} + {1 \over T_{AES-CBC}}}$$
where $T$ is the transfer speed in bytes per second.
This will result in the following value: 697876kB/s for SHA-1 + AES-CBC. That means that AES-GCM is about 4.8 times faster than SHA-1 + AES-CBC for a normal, unthreaded implementation. This is assuming that HMAC has the same speed of SHA-1 (which is approximately true in all probability, even though it has to process a little more data).