Um...when you were reading up on parameterised queries, did you notice how you were supposed to use them?
Dim CompQuery As String = "SELECT * FROM Company WHERE CompanyName = '" & txtCompName.Text & "' AND AssociationID = " & cmbUnderAssoc.SelectedValue & " "
does not use parameters. Instead, it uses the text directly and is wide open to SQL injection.
Dim CompQuery As String = "SELECT COUNT(*) FROM Company WHERE CompanyName = ? AND AssociationID = ?"
Dim compCommand As OleDbCommand = New OleDbCommand(CompQuery, con)
If Convert.ToInt32(compCommand.ExecuteScalar()) > 0 Then
MsgBox("Entry already exist! Please input new entry")