I would try something like: if(thisReading > lastReading + (lastReading * 0.2)) ignore thisReading. That is, if the reading increased more than 20% the reading is bad. Adjust for your situation.
I have seen it recommended to put a 10uf cap across the HCSR04 power pins to help stabilize the power (the ranger pulls current when pinging).
100 milliseconds, I think, should be long enough to let reflections die out.