The utmp file can be manipulated with the fwtmp command.

1.check the last modification time of the /etc/utmp file
ls -l /etc/utmp
-rw-r–r– 1 root root 1620 Jun 28 09:22 /etc/utmp

2.convert the binary /etc/utmp file to ascii :
/usr/sbin/acct/fwtmp /tmp/utmp.ascii

3.edit the /tmp/utmp.ascii file to remove the old entries
Note : the entries are sorted by date, simply use the login time reported
who(1) to find the lines to remove.

4.convert the file back to binary format :
/usr/sbin/acct/fwtmp -ic < /tmp/utmp.ascii > /tmp/utmp.binary

5.verify that all unwanted entries have been removed from the new file :
who /tmp/utmp.binary

6.verify that the /etc/utmp file has not been modified since the beginning of
this procedure :
ls -l /etc/utmp
-rw-r–r– 1 root root 1620 Jun 28 09:22 /etc/utmp
If the file has been updated do all the steps again.

7.replace the existing /etc/utmp file with the new one :
mv /tmp/utmp.binary /etc/utmp

8.verify that the file still has the same ownership and permissions :
ls -l /etc/utmp
-rw-r–r– 1 root root 1600 Jun 28 09:30 /etc/utmp