Quote by remy: This 'bot' is abusing the numeric id (lid in filemanagement) to get them all.
Is it downloading them all in numeric order? If not, did you check who owns the IP address?
The reason I'm asking is that I had a problem with Googlebot once, where it downloaded several files from the download area over and over again. That was easy to stop by telling it not to spider the filemgmt directory in the robots.txt.
If it is some other bot and it's coming from a static IP, it should be easy to stop with some .htaccess magic.
Otherwise, Blaine may have to implement something like a download speed limit in the plugin ...