Well, we now have a hint as to hosting .... cpanel. I take it the yellow box to hide sensitive details for the path to the cron.php script in Moodle. That path, BTW, should be pointed to cron.php in codedirectory/admin/cli/cron.php ... from what I re-call of 2.6.x.
The -q switch supposedly runs it 'quitely' ... but then, do you then know it's working? All of it? Is there an error in some of the sub-crons ... like the checking for stale sessions in moodledata/sessions/ and cleaning those up?
Got ssh to server? Suggest ssh into server, changing into the moodlecode/admin/cli/ directory and running the cron.php script to see if there are any errors reported or what it might not be doing. Run it several times.
If you have ssh into server, might also have access to a cli thing called 'top'. Run that ... shows things like memory, swap space, as well as running processes ... in real time.
Not all hosting providers are 'moodle friendly' ... oh, yeah, they might provide you a script to install - one of those infamous one click installers ... which might/may not work as they should. Was your moodle installed with one of those?
Don't think that sharing where site is hosted to be that much of a security issue AND you might also share info on the package you are using ... relates to shared hosting or VPS or whatever chosen. Sometimes, hosting providers have their own customer FAQ's or Forums that are open to the public ... one can find some interesting responses from technical staff about issues with hosted packages, etc.
1000 user site isn't large, but then again, 1000 user site might actually be too much for what's been rented.
'spirit of sharing', Ken