Bash + coreutils + xxd, 73 71 69 bytes

printf \\x%s `xxd -r|xxd -p -s0x$1 -l$[(e=1+0x$2)?e-0x$1:-1]|fold -2`

Expects the hexdump on STDIN and start/end as command-line arguments.

This prints some warnings to STDERR, which is allowed by default.

JavaScript, 84 bytes

(s,f,t,u)=>s.replace(/.*:|  .*\n?| /g,'').replace(/../g,'\\x$&').slice(f*4,++t*4||u)

Explanation: Removes all the unwanted parts of the dump, prepends \x to each hex pair, then extracts the desired portion of the result. ||u is used to convert the zero obtained by incrementing the -1 parameter into undefined which is a magic value that causes slice to slice to the end of the string. 101 bytes if f and t are strings of hex digits:

(s,f,t,u)=>s.replace(/.*:|  .*\n?| /g,``).replace(/../g,`\\x$&`).slice(`0x${f}`*4,t<0?u:`0x${t}`*4+4)

PowerShell v2+, 175 157 142 133 129 bytes

param($a,$b,$c)'\x'+(($z=$a-split"`n"|%{$_[10..48]-ne32-join''-split'(..)'-ne''})["0x$b"..(("0x$c",$z.count)[$c-eq-1])]-join'\x')

Takes input $a, $b, $c, with $a as either a literal newline-separated string, or with the PowerShell `n character separating the lines. We set helper string $z as the heavily processed $a as follows --

First we -split on newlines, then, for each line |%{...}, we slice the middle section [10..48], use the -ne32 to remove spaces, -join it back together into one long string, -split it on every two characters (keeping the two characters), and -ne'' to remove the empty elements. This results in an array of two-element strings, like ('31','c0','b0'...).

We then slice into that array based on $b cast with the hexadecimal operator up to the value of $c. We need to use a pseudo-ternary here that accounts for whether $c is -1 or not. If it is, we choose the .count (i.e., the end element) of $z. Otherwise, we just prepend the 0x hexadecimal operator with $c in a string. Note that this is zero-indexed.

That array slice has its elements -joined together with a literal \x to form one string. That's prepended with another literal \x and the result is left on the pipeline. Printing is implicit.

Example

PS C:\Tools\Scripts\golfing> .\xxd-output.ps1 "00000000: 31c0 b046 31db 31c9 cd80 eb16 5b31 c088  1..F1.1.....[1..
00000010: 4307 895b 0889 430c b00b 8d4b 088d 530c  C..[..C....K..S.
00000020: cd80 e8e5 ffff ff2f 6269 6e2f 7368 4e58  ......./bin/shNX
00000030: 5858 5859 5959 59                        XXXYYYY" a -1
\xeb\x16\x5b\x31\xc0\x88\x43\x07\x89\x5b\x08\x89\x43\x0c\xb0\x0b\x8d\x4b\x08\x8d\x53\x0c\xcd\x80\xe8\xe5\xff\xff\xff\x2f\x62\x69\x6e\x2f\x73\x68\x4e\x58\x58\x58\x58\x59\x59\x59\x59

Perl, 114 bytes

($_,$a,$b)=@ARGV;s/^.*:|\S*$|\s//gm;@_=(m/../g);for(@_){s/^/\\x/}$"='';say substr"@_",4*$a,$b!=-1?4*($a+$b):2<<20;

Arguments given on the command line as a quoted string followed by two numbers. The numbers are taken in decimal (I know hex was used in the examples but it wasn't specified in the post)

Technically only works on inputs with up to 2^21 bytes since perl's substring method is silly

Python 2 and 3 - 164 162 150 146 134 150 bytes

Now accepts hex strings for second and third arguments.

j=''.join
def f(a,b,c):s=j(x[10:49].replace(' ','')for x in a.split('\n'));print(j('\\x'+s[i:i+2]for i in range(int(b,16)*2,1+2*int(c,16)%len(s),2))

Python 3.5, 125 bytes

import re
lambda s,b,e:re.sub(r'(\w\w)',r'\\x\1',re.sub(r'^.*?:|  .*$|\s','',s,0,8)[2*int(b,16):[2*int(e,16)+2,None][e<'0']])

Ungolfed:

def f(s,b,e):
    b = 2*int(b,16)
    e = [2*int(e,16)+2,None][e<'0']
    x = re.sub(r'''(?v)   # verbose (not in golfed version)
            ^.*?:     # match begining of line to the ':'
           |  .*$     # or match '  ' to end of line
           |\s        # or match whitespace
           ''',
           '',        # replacement
           s,
           0,         # replace all matches 
           re.M       # multiline mode
           )
    y = re.sub(r'(\w\w)', # match pairs of 'word' characters
           r'\\x\1',  # insert \x
            x[b:e])
    return y