Try:
INSERT INTO Tb_Abc(Col1,Col2,Col3) VALUES ('" + txtvalue1 + "','" + txtvalue2 + "',NULL)
But please, don't do it like that! Do not concatenate strings to build a SQL command. It leaves you wide open to accidental or deliberate SQL Injection attack which can destroy your entire database. Use Parametrized queries instead.