For starters, don't do it like that!
Concatenating strings took form an SQL command is an invitation to SQL Injection, which can damage or destroy your database.
Try:
string searchstr = string.Format("SELECT * From shakhes WHERE year = @YR AND month=@MN";
SqlCommand cmd = new SqlCommand(searchstr,scon);
cmd.Parameters.AddWithValue("@YR",x3.Text);
cmd.Parameters.AddWithValue("@MN",DropDownList1.SelectedIndex);